Threat Intelligence Specialist-ITDSG

Work for the IMF. Work for the World.

The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.

Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as the guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:

- Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.
- Enacting inclusive governance that balances security needs with operational fluidity.
- Developing policies and standards that stay ahead of the threat landscape.
- Ensuring compliance, resilience, and agility in our cybersecurity posture.
- Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the Fund's information assets, ensuring a secure operational framework.
- Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.
- Administering a compliance management program dedicated to maintaining firm adherence to the Fund's information security policies and standards.
- Preserving a solid enterprise security reference architecture that acts as a safeguard for the Fund's information assets against pertinent threats.
- Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the Fund's mission.
- Overseeing cyber threat intelligence, and incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.

As we expand our efforts to serve the Fund's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the Fund.

**Job Summary**





The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a Threat Intelligence Specialist position.





Under the general supervision of the Section Chief, Information Security (ATP/SOC), the Threat Intelligence Specialist will be responsible for collecting, processing, analyzing, and disseminating cyber threat intelligence and assessments to various technical and management audiences at the IMF. The incumbent will work closely with a team of highly skilled cybersecurity analysts, business stakeholders and threat intelligence communities.





**Major Duties and Responsibilities**





1\. Supports the ATP/SOC Section Chief in enhancing, sustaining and demonstrating value of the IMF’s threat intelligence program.



2\. Identifies, analyzes, prioritizes and disseminates cyber threat intelligence using open and closed source research into suspicious activity to investigate adversary behavior in partnership with other teams in the SOC, engineering, and business stakeholders.





3\. Creates and delivers timely actionable written and verbal intelligence products targeted toward tactical, operational, and strategic audiences enabling business stakeholders, management, and security analysts to make risk-based decisions.





4\. Maintains awareness of trends and risks that can affect the IMF as it relates to the intersection between geopolitics, third-party risk, vulnerabilities, IMF operations, and the cyber threat landscape. Takes a proactive approach to learning about the latest threats, threat actors, tactics, techniques and procedures, and malware.





5\. Monitors threat actor TTPs and perform link analysis on indicators of attack (IOAs), indicators of compromise (IOCs), and TTPs, whilst enriching other information security functions (risk management, vulnerability management, security monitoring and incident response, etc.) with relevant threat information.





6\. Builds and enhances the Fund’s network of threat intelligence sources through collaboration and sharing intelligence with intelligence communities across industry groups such as FSISAC, Central Banks, UN system, and National CERTs.





7\. Ensures security operations analysts are equipped with the latest security intelligence from subscribed feeds and through partnerships with other International Organizations, service providers, intelligence communities, and external law enforcement agencies.





8\. Contributes to the IMF’s security culture, training and awareness program by sharing the latest cyber threats and prevention strategies.





9\. Carries out other duties as assigned.





**Minimum Qualifications**





Advanced degree in cybersecurity, computer science, engineering, mathematics, or related field of study plus a minimum of 4 years of progressive information security work experience OR Bachelor’s degree in cybersecurity, computer science, engineering, mathematics, or related field of study and minimum 10 years of progressive cybersecurity work experience in regulated industries.





- Candidates should possess one or more of the following certifications— CISSP, CISM, CISA, GIAC certifications (GCIH, GCTI, GCFE, GSOC, GDAT etc.) or equivalent.





**Technical Requirements**



- Experience in operating threat intelligence programs in organizations facing complex and sophisticated threats (external and internal). Experience partnering and working with cyber threat intelligence communities and information security focused ISACs.



- Experience conducting and correlating threat research using OSINT, incident response data, and security tools, performing threat modeling, graphical link analysis, and producing threat assessments.



- Experience with structured analysis techniques (Diamond Model, Cyber Kill Chain) as well as a proven understanding of the MITRE ATT&CK framework.



- Understanding in at least one of the following: Cloud intrusion analysis in adversary operations; analyzing sophisticated malware samples used in targeted attacks against large corporate or government entities; analyzing forensic and log data associated with advanced targeted adversaries.



- Experience with security tools such as SIEM, threat intelligence platforms, and malware analysis tools. Knowledge of programming languages (e.g., Python, PowerShell) and operating systems.



- Active security clearance at level (Secret, Top Secret) in any government is a plus.











**Work Management Skills**

- Ability to deliver high-quality written technical assessments of threats.
- Enhanced professional, operational, and interpersonal skills to function effectively in collaborative stakes and high-stress situations.
- Ability to navigate through obstacles and challenges effectively and demonstrate commitment to deliver successful results.
- Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
- Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
- Pragmatic security expert with an inherent ability to balance security demands with business reality.
- Work independently with little to no guidance and/or direction to develop and maintain overall analytical production.









*This vacancy shall be filled by a 3-year Term appointment in accordance with the Fund’s new employment rules that took effect on May 1, 2015.*

**Department:**

ITDSG Information Technology Department Information Security & Governance**Hiring For:**

A11, A12*The IMF is committed to achieving a diverse staff, including age, creed, culture, disability, educational background, ethnicity, gender, gender expression, nationality, race, religion and beliefs, and sexual orientation. We welcome requests for reasonable accommodations for disabilities during the selection process.*