Job Details

Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization. As we expand our efforts to serve the IMF's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the IMF.**Job Summary** **Security Analyst/****Senior Security Analyst (Red Team)** position. The Information Technology Department (ITD)'s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a Under the general supervision of an information security assurance manager, the **Security Analyst/****Senior Security Analyst (Red Team),**isresponsible for planning, executing, and managing adversarial simulation exercises to assess and improve the organization's security posture. This role leads offensive security assessments, emulates real-world threat actors, and collaborates with several IT and cybersecurity teams to identify security gaps, test detection capabilities, and enhance organizational readiness to respond to cyber-attacks. **Minimum Qualifications** Education Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10in an offensive security/red teaming role including network, mobile, cloud, social engineering, scripting, etc.; years of relevant experience working Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4working in an offensive security/red teaming role including network, mobile, cloud, social engineering, scripting, etc.. years of relevant experience Technical Experience should include: Experience working with breach and attack simulation (BAS) solutions to design realistic test cases, measure defensive coverage, and produce actionable remediation reports is required.Proficiency in scripting or programming languages (e.g., Python, PowerShell, or C) for automation, custom simulations, and reportingProven hands-on experience with industry leading C2 frameworks (Cobalt Strike, Nighthawk, Silver, Mythic, etc.).Familiarity with exploit development, privilege escalation, lateral movement, and evasion techniques. Practical experience testing and defending Active Directory environments, cloud infrastructure (AWS, Azure, GCP), and container platforms (Docker, Kubernetes), including identifying attack paths and recommending mitigations.Knowledge of EDR evasion, memory injection, and obfuscation techniques. Deep technical skills in assessing and exploiting vulnerabilities across a variety of platforms, including Windows, Linux, and macOS environments, including Active Directory (AD) exploitation and privilege escalation techniques. Experience with tools used for wireless, web applications, and network security testing. Knowledge of a wide array of technologies, including network security, endpoint protection, cloud security, and SIEM systemsRequired Soft Skills communication skills to - Ability to work independently and collaboratively in high-pressure environments.- Strong analytical and problem-solving skills.**Major Duties and Responsibilities** Specific responsibilities include: Present complex Red Team engagement findings to non-technical audiences with the purpose of communicating business impact of discovered risks and the recommended risk treatment.Drive continuous Red Team innovation and developments, constantly seeking to improve the Red Team service offering from both a technical perspective and strategic perspective.- Support Red team capabilities through tool creation, research on techniques, incorporation of threat actor intelligence, internal presentations, and knowledge sharing.Develop and maintain in-depth Red Team documentation surrounding both technical and non-technical service functions and tasksThe IMF works to foster global monetary cooperation, secure financial stability, facilitate international trade, and promote high employment and sustainable economic growth. Our work on the macroeconomic benefits of challenges such as empowering women, modernizing the global trading system, and wage inequity, provides new ideas to safeguard the stability of the international monetary and financial system and addresses the world's most pressing macroeconomic and financial issues. Our 3,100 dedicated employees are leaders in their fields and collaborate to address the needs of our members and make a meaningful, positive difference to lives across the globe.This privacy notice explains how the International Monetary Fund (IMF) processes personal data collected through its recruitment portal. The IMF collects and uses various types of personal data in the context of its recruitment process in order to take steps required prior to entering into a contract. This may include contact details, work experience, education background, and professional qualifications. Access to personal data is limited to authorized IMF personnel and certain third parties, such as authorized partners or service providers who act on behalf of the IMF. These may include service providers such as background check agencies, assessment vendors, and other recruitment-related partners. If you are offered a position, your data may also be shared as necessary to comply with legal or regulatory requirements (e.g., for visa applications) or in response to lawful requests by public authorities, including law enforcement agencies. Personal data is retained in accordance with applicable IMF retention policies. You have rights in relation to your personal data. For more information about these rights and how to exercise them, please refer to the .#J-18808-Ljbffr