More jobs:
Security Analyst/Senior Security Analyst; Cloud Security Assurance - ITDSGGR; Contractual
Job in
Federal Way, King County, Washington, 98003, USA
Listed on 2026-06-27
Listing for:
International Monetary Fund
Contract
position Listed on 2026-06-27
Job specializations:
-
IT/Tech
Cybersecurity, Cloud Computing: Infrastructure & Operations, IT Consultant, Information Security
Job Description & How to Apply Below
Job Summary
The International Monetary Fund (IMF) is recruiting a Security Analyst/Senior Security Analyst (Cloud Security Assurance) to work within the Information Technology Department’s Information Security and Governance (ISG) division. The role will provide expertise in defining, designing, engineering, and validating security configuration for technology platforms in the cloud and on-premises, working closely with project teams, service providers, and business units.
Responsibilities- Senior independent contributor providing cybersecurity assurance expertise for a broad range of IT initiatives focused on Microsoft Azure, Entra , and hybrid cloud environments.
- Define, guide, and validate implementation of technology-agnostic security control standards and platform-specific configuration baselines (security hardening) for both cloud and on-premises services, emphasizing automation and policy‑as‑code.
- Conduct quality assurance reviews of security requirements and audit recommendations, and produce unbiased risk reports.
- Communicate security requirements and provide guidance to IT teams and stakeholders on appropriate security design and technical configuration throughout the technology lifecycle.
- Develop and implement security controls for new and existing cloud services, including Azure, Entra , and Microsoft 365, alongside IT project teams.
- Advocate information security, proactively collaborating with IT stakeholders, service providers, and business units to provide technical security solutions.
- Identify opportunities to improve business practices and IT security processes, such as automation, compliance, and secure integration.
- Prioritize, monitor, and assess compliance and audit recommendation results to ensure comprehensive, robust, and high‑quality outcomes.
- Support Zero Trust initiatives by promoting identity‑centric access, device health posture, segmentation, and continuous verification across services.
- Develop and maintain scripts and templates (Power Shell, Python, Azure Policy, Terraform) to perform compliance checks and generate reporting across Azure and Entra .
- Support logging and monitoring efforts using Azure Monitor, Log Analytics (KQL), and Microsoft Sentinel.
- Contribute to secure design, architecture, and configuration of services such as Azure Kubernetes, Azure Functions, Azure API Management, Key Vault, and the Power Platform.
- Design and validate security configuration baselines for SaaS platforms (e.g., Service Now, Workday, Salesforce), ensuring alignment with organizational policies and compliance requirements.
- Assist the information security assurance manager with audit and compliance initiatives, including ISO 27001 certification, IT General Controls for ICFR, and internal/external audits.
- Stay current with international standards, best practices, and regulations in information security, AI, and data privacy, and recommend appropriate measures.
- Analyze, recommend, and implement process improvements within the context of information security.
- Education: Bachelor’s degree in information security, computer science, engineering, mathematics, business, or related field with minimum 10 years of relevant cloud security experience; OR advanced degree with minimum 4 years of cloud security experience.
- Certifications: CISSP or CISM (required);
Microsoft Certified:
Azure Security Engineer Associate (required). Preferred: CCSP, Microsoft Certified:
Cybersecurity Architect Expert, Microsoft Certified:
Azure Solutions Architect Expert, Microsoft Certified:
Azure Administrator Associate, Microsoft Certified:
Azure Dev Ops Engineer Expert, and other Microsoft or GIAC cloud security certifications. - Technical
Experience:
Proven track record delivering technical security assurance and engineering solutions in regulated environments, especially Azure and Microsoft cloud platforms; multi‑cloud security posture management (Wiz, Orca, Prisma Cloud, Microsoft Defender for Cloud, etc.); extensive hands‑on security experience across Microsoft cloud services; advanced working knowledge of Windows/Linux administration, firewalls, Active Directory/Entra hybrid concepts, Azure networking, Zero…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×