![IMF - International Monetary Fund](https://media.trabajo.org/img/noimg.jpg)
Product/Platform Security Lead
2 weeks ago
Work for the IMF. Work for the World.
The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.
Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as the guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:
- Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.
- Enacting inclusive governance that balances security needs with operational fluidity.
- Developing policies and standards that stay ahead of the threat landscape.
- Ensuring compliance, resilience, and agility in our cybersecurity posture.
- Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the Fund's information assets, ensuring a secure operational framework.
- Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.
- Administering a compliance management program dedicated to maintaining firm adherence to the Fund's information security policies and standards.
- Preserving a solid enterprise security reference architecture that acts as a safeguard for the Fund's information assets against pertinent threats.
- Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the Fund's mission.
- Overseeing cyber threat intelligence, and incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.
As we expand our efforts to serve the Fund's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the Fund.
**Job Summary**
The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a Product/Platform Security Lead (App Security) position.
Under the general supervision of the Chief Information Security Officer, this role will develop, mature, and drive application security initiatives at IMF including the design, implementation, and management of a comprehensive program to embed security into the software development lifecycle.
The role will serve as a lead subject matter expert on application security, providing pragmatic guidance to stakeholders across the organization.
**Major Duties and Responsibilities**
1\. Enhances, executes, and manages a formal application security program. Establish and execute forward looking application security strategies that enable proactive secure application development.
2\. Works closely with the broader information security team to align application security efforts with overall security objectives and initiatives.
3\. Partners with application development and operation teams (and business stakeholders) to set the path for secure development practices for existing and future applications.
4\. Provides advice, in collaboration with the Security Assurance and Security Policy functions, on the development and maintenance of security standards, policies, and guidelines for application development. This includes enhancing software security design standards - building in security best practices at the beginning of the software development life cycle.
5\. Collaborates with the Security Architecture function to analyze and make recommendations to improve application security architectures.
6\. Provides guidance and training to developers on secure coding practices and common vulnerabilities.
7\. Collaborates with development teams in conducting application security tests, threat modeling, and code analysis to identify and mitigate security vulnerabilities
8\. Stays updated on emerging threats, vulnerabilities, and industry trends in application security, and ensure that security measures are continuously improved and updated.
9\. Regularly monitors the Application Security program’s operational health and maturity through key metrics and risk reporting.
**Minimum Qualifications**
Advanced degree in information security, computer science, engineering, mathematics, or related field of study plus a minimum of 8 years of progressive information security work experience; or a bachelor’s degree in information security, computer science, engineering, mathematics, or related field of study and minimum of 14 years of progressive information security work experience.
- Candidates should possess one or more of the following certifications— CISSP, CISM, CCSP, CEH, GIAC
- Experience leading IAM related programs in regulated industries.
**Relationship Management Skills**
- Ability to establish and maintain effective partnerships and working relations in a multi-cultural, multi-ethnic environment with sensibility and respect for diversity.
- Demonstrates ability to represent the department fully and successfully to internal and external audiences.
**Work Management Skills**
- Navigates through obstacles and challenges effectively and demonstrates commitment to deliver successful results.
- Ability to lead, guide and mentor a diversified team of information security experts.
- Ability to collaborate with IT and business colleagues to prioritize work, develop roadmaps, enhance services, and contribute meaningfully to the department’s service delivery.
- Ability to manage a broad portfolio of services; ability to balance multiple priorities and demands.
- Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
- Interpersonal skills that create openness and trust among colleagues.
- Facilitation and conflict management skills that enable effective working relationships.
- Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
- Pragmatic security expert with an inherent ability to balance security demands with business reality.
**Technical Skills**
- Experience with assessment of a comprehensive and broad set of security technologies and processes, secure software development (Application Security), data protection, cryptography, key management, identity and access management, cloud API integration, network security, logging and monitoring within SaaS, IaaS, PaaS, and other cloud environments.
- Experience working with cybersecurity capabilities within cloud infrastructure and services specifically for Microsoft Azure (amongst others e.g., Amazon Web Services-AWS and/or Google Cloud Platform-GCP).
- An understanding of web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures).
- Experience with Docker and micro-services architecture.
- Strong understanding of application security leading practices including OWASP and CWE.
- Extensive experience in secure code reviews, business logic assessment, application security testing and
- automation of application security processes.
- Experience managing secure coding and software deployment in a variety of current languages (e.g., Python, Node.js, C#, .NET, JavaScript, Go, Ruby, PowerShell, Bash, Scala). Experience with a variety of SDKs and RESTful API design/development.
- Familiar with application security tools like BurpSuite Pro, SAST, DAST, Nmap, Metasploit, and Kali Linux, etc. Experience in 3rd-party testing tools such as Fortify, AppScan, Veracode, WhiteHat, etc.
- Experience working with Agile development/Scrum methodologies, and incorporation of security requirements into SDLC (CI/CD) with product owners/managers.
- Familiarity with HTML/CSS, JavaScript and UI/UX design and software quality assurance principles.
*This vacancy shall be filled by a 3-year Term appointment in accordance with the Fund’s new employment rules that took effect on May 1, 2015.*
**Department:**
ITDSG Information Technology Department Information Security & Governance**Hiring For:**
A13, A14*The IMF is committed to achieving a diverse staff, including age, creed, culture, disability, educational background, ethnicity, gender, gender expression, nationality, race, religion and beliefs, and sexual orientation. We welcome requests for reasonable accommodations for disabilities during the selection process.*
-
Product/Platform Security Lead
1 week ago
Washington, Washington, D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World.The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.Within the IT department, the Information...
-
Product/Platform Security Engineer
2 weeks ago
Washington D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World. The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. Our commitment is to: - Maintain and elevate...
-
Product/Platform Security Engineer
2 weeks ago
Washington D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World. The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. Our commitment is to: - Maintain and elevate...
-
Product/Platform Security Engineer
2 weeks ago
Washington, Washington, D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World.The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.Our commitment is to: Maintain and elevate the...
-
Product Platform Security Engineer
2 months ago
Washington, United States CoStar Group Full timeResponsibilities Features (responsibilities and goals) of our product platform security suite: (AKA - what you will be building and evolving along a rockstar team that learns from and pushes each other to do great things!) Real-time vulnerability feedback in the IDE for insecure build patterns and artifacts (1P code, 3P code, containers, IAC, secrets) ...
-
Product/Platform Security Engineer
1 week ago
Washington, Washington, D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World.The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.Our commitment is to: Maintain and elevate the...
-
Platform Lead
3 weeks ago
Washington, United States Flanders.bio Full timeApply through our Inari Career portal hereWe are looking for a dynamic, self-motivated and proactive Platform Lead to join our Science Platform in support of Inaris mission to develop 21st century solutions to address global food challenges. Inaris Science Platform operates at our two research sites in Cambridge MA (USA) and Ghent (Belgium) and serves as the...
-
Product/Platform Security Engineer
6 days ago
Washington, United States International Monetary Fund Full timeWork for the IMF. Work for the World. The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. Our commitment is to: Maintain and elevate...
-
Lead Knowledge Analyst
7 days ago
Washington, D.C., United States Boston Consulting Group Full timeWHAT YOU'LL DO As a Lead Knowledge Analyst (LKA) in a Client Focused role within BCG's Public Sector Practice Area for Defense & Security, you will work in a growing global team, delivering value to clients via individual expertise and/or institutionalized knowledge assets (products, tools, data, workshops, frameworks, surveys, domain-specific data and...
-
Staff Product Security Engineer
2 weeks ago
Washington, United States J&J Family of Companies Full timeStaff Product Security Engineer WDescriptionEthicon Endo-Surgery Inc., a member of Johnson & Johnson MedTech, is recruiting for a Staff Product Security Engineer.Remote work options may be considered on a case-by-case basis and if approved by the Company.The Staff Product Security Engineer will be a key member of the Capital and Software organization, make...
-
Lead Knowledge Analyst
1 month ago
Washington, D.C., United States Boston Consulting Group Full timeWHAT YOU'LL DOAs a Lead Knowledge Analyst (LKA) in a Client Focused role within BCG's Public Sector Practice Area for Defense & Security, you will work in a growing global team, delivering value to clients via individual expertise and/or institutionalized knowledge assets (products, tools, data, workshops, frameworks, surveys, domain-specific data and...
-
Lead Knowledge Analyst
4 weeks ago
Washington, D.C., United States Boston Consulting Group Full timeWHAT YOU'LL DOAs a Lead Knowledge Analyst (LKA) in a Client Focused role within BCG's Public Sector Practice Area for Defense & Security, you will work in a growing global team, delivering value to clients via individual expertise and/or institutionalized knowledge assets (products, tools, data, workshops, frameworks, surveys, domain-specific data and...
-
Lead Knowledge Analyst
1 day ago
Washington, D.C., United States Boston Consulting Group Full timeWHAT YOU'LL DOAs a Lead Knowledge Analyst (LKA) in a Client Focused role within BCG's Public Sector Practice Area for Defense & Security, you will work in a growing global team, delivering value to clients via individual expertise and/or institutionalized knowledge assets (products, tools, data, workshops, frameworks, surveys, domain-specific data and...
-
Director of Product, Platform
2 days ago
Washington, United States Saildrone Full time**About Us** We are based in Alameda, CA, with offices in Washington DC and St. Petersburg, FL, and operate our missions worldwide. Saildrone is backed by top-tier investors in the frontier tech and sustainability sectors, including Social Capital, Capricorn, Lux Capital, BOND Capital, and Emerson Collective. This is an exciting opportunity with a...
-
Platform Engineer
3 weeks ago
Washington, United States Alldus Full timeOur client is a Series A startup within the Generative AI space and they are hiring an Platform Engineer to join the team. Backed by one of the leading venture capital firms in the industry, this is an exciting opportunity to join a SaaS company that is revolutionizing their industry. Responsibilities: As the Platform Engineer, you will design, implement and...
-
Section Chief-Information Security
2 weeks ago
Washington D.C., United States IMF - International Monetary Fund Full timeWork for the IMF. Work for the World. The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. Within the IT department, the Information...
-
Microsoft Power Platform Architect
4 weeks ago
Washington, United States Metric5 Full timeJob DescriptionJob DescriptionLocation: Remote/Washington, DCDescription:Metric5 is currently seeking a Microsoft Power Platform Architect to support a project within the Department of the Treasury. The Power Platform Architect will lead a team of developers and testers and be the technical subject matter expert for the existing Power Platform. You will...
-
Microsoft Power Platform Architect
4 weeks ago
Washington, United States Metric5 Full timeJob DescriptionJob DescriptionLocation: Remote/Washington, DCDescription:Metric5 is currently seeking a Microsoft Power Platform Architect to support a project within the Department of the Treasury. The Power Platform Architect will lead a team of developers and testers and be the technical subject matter expert for the existing Power Platform. You will...
-
Platform Engineer
2 weeks ago
Washington, United States Alldus Full timeOur client is a Series A startup within the Generative AI space and they are hiring an Platform Engineer to join the team. Backed by one of the leading venture capital firms in the industry, this is an exciting opportunity to join a SaaS company that is revolutionizing their industry.Responsibilities:As the Platform Engineer, you will design, implement and...
-
Director Product Digital Modernization
4 days ago
Washington D.C., United States Washington Metropolitan Area Transit Authority Full timeDeaprtment Marketing Statement The Director, Product Modernization is responsible for planning and implementing initiatives to modernize and transform WMATA's/ Digital Modernization's digital environment. Working closely with the Senior Director, Strategy & Portfolio Planning, this position is responsible for leading the definition and development of the...