CISM - Certified Information Security Manager
Background: The Inter-American Development Bank is looking for an IT security and risk expert to work in the Security and Risk Team. The candidates should have experience designing, engineering, and implementing security solutions for IaaS, SaaS, and PaaS environments and performing IT risk assessments of security controls.
The team: The IT department designs and implements the Bank’s IT Strategy and provides the governance, tools, solutions, and services to implement it. The IT Security and Risk Team is part of the IT Policy and Planning Division which is responsible for IT policies, architecture, security risk and governance for the IDB Group.
What you’ll do: Reporting directly to the Bank’s CISO, you will work within a group of security minded and enthusiastic team players providing strategic and technical advice setting the vision for the group, addressing challenges, and developing robust security baselines and processes. The specific areas of responsibility are:
Establish, maintain, and continuously enhance the Information Security and IT Risk Management program, which includes alignment of the program with standard Cybersecurity Frameworks and the contextual analysis of the security landscape to propose new creative and innovative projects and ideas to eliminate gaps and optimize existing processes.
Provide security domain expertise to the various cloud operations and development teams, to design and integrate secure cloud architectures and methodologies across SaaS, PaaS, IaaS, serverless compute and event-driven platforms.
Maintain, monitor, report and continuously improve the IT risk and Cybersecurity dashboard, using modern analytics tools, that includes key security indicators and metrics, such as the information technology risk register, and its alignment with the Bank’s Digital strategy.
Work collaboratively with other teams to integrate security controls in the DevSecOps pipeline and the automation of detection and remediation actions to ensure compliance with established security standards.
Identify, assess, and communicate current and emerging security threats, vulnerabilities, risks, business impact and exposure, and develop security architecture elements to mitigate them.
Improve the Bank’s information security awareness program to promote broader use of security standard methodologies in the Bank. Liaise with key Bank Stakeholders to assist and collaborate in the dissemination of the security awareness materials and training and identify challenges and opportunities.
Participate in the execution of the IT Internal Controls Framework, which evaluates the effectiveness of the implementation and execution of a predefined set of IT controls for financial systems.
Skills you will need:
You hold a Master’s degree in Cybersecurity, Computer Science or related field.
Minimum 5 years combined experience in cybersecurity, risk management or software development.
Experience with designing and implementing Cybersecurity controls to identity, protect, detect, respond, and recover from cyber threats and vulnerabilities.
Experience working with and implementing common frameworks and security and compliance standards such as Cloud Security Alliance (CSA) cloud controls, ISO 27001, SWIFT CSP, OWASP, SOC, and NIST CSF.
Technical skills in cloud and security design in AWS and Azure incorporating native security controls (including network firewalls, access control lists, encryption, auditing, and monitoring, alerting, secrets management, and security scores).
Experience programing and scripting.
Experience creating and analyzing indicators and metrics based on risk.
Certifications in the fields of information security, IT risk, cloud security are desirable. AWS Certified Security Specialty, CISSP, CISM, CISA certifications are preferred.
Languages: You are proficient in English and in another Bank official language (Spanish, Portuguese and/or French).
Consanguinity: You have no family members (up to fourth degree of consanguinity and second degree of affinity, including spouse) working at the IDB, IDB Invest, or IDB Lab.
Requirements: Candidates must be citizens of one of the IDB’s 48 member countries and have no family members currently working at the Bank.
Our culture: Our people are committed and passionate about improving lives in Latin-America and the Caribbean, and they get to do what they love in a diverse, collaborative and stimulating work environment. We are the first Latin American and Caribbean development institution to be awarded the EDGE certification, recognizing our strong commitment to gender equality. As an employee you can be part of internal resource groups that connect our diverse community around common interests.
Because we are committed to providing equal opportunities in employment, we embrace all diversity and encourage women, LGBTQ+, persons with disabilities, afro-descendants, and Indigenous people to apply.
About us: At the IDB, we’re committed to improving lives. Since 1959, we’ve been a leading source of long-term financing for economic, social, and institutional development in Latin America and the Caribbean. We do more than lending though. We partner with our 48-member countries to provide Latin America and the Caribbean with cutting-edge research about relevant development issues, policy advice to inform their decisions, and technical assistance to improve on the planning and execution of projects. For this, we need people who not only have the right skills, but also are passionate about improving lives.
The IDB offers a competitive remuneration and benefits package.
Our team in Human Resources carefully reviews all applications.
Due to the current COVID-19 pandemic and its implications for our Region, the IDB Group is reviewing its hiring needs and re-prioritizing its areas of talent acquisition. We encourage candidates to continue to apply to the active postings, yet current job openings may be subject to further decisions in terms of timing of the processes, or other actions, in accordance with business needs. Final hiring decisions may also be conditioned to the candidate’s ability to timely relocate to the post of duty at the moment of starting service
About Inter-American Development Bank
We work to improve lives in Latin America and the Caribbean. Through financial and technical support for countries working to reduce poverty and inequality, we help improve health and education, and advance infrastructure. Our aim is to achieve development in a sustainable, climate-friendly way. With a history dating back to 1959, today we are the leading source of development financing for Latin America and the Caribbean. We provide loans, grants, and technical assistance; and we conduct extensive research. We maintain a strong commitment to achieving measurable results and the highest standards of integrity, transparency, and accountability.
The IDB prioritizes social inclusion and equality; productivity and innovation; and regional economic integration in its development work across Latin America and the Caribbean. In doing so, it addresses the cross-cutting issues of gender equality and diversity; climate change and environmental sustainability; and institutional capacity and the rule of law. Learn more about the Institutional Strategy here.