E T Consultant
World Bank (World Bank)
Close on 5 Oct 2020
Location: United States
Grade: EC1
H Hardship
Apply Now
Added 1 week ago
Job Description


Introduction to the World Bank Group

Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty by 2030 and boosting shared prosperity in a sustainable manner by delivering transformative information technologies to its staff working in over 130 client countries. ITS services range from: establishing the infrastructure to reach and connect staff and development stakeholders; providing the devices and agile technology and information applications to facilitate the science of delivery through decentralized services; creating and maintaining tools to integrate information across the World Bank Group, the clients we serve and the countries where we operate; and delivering the computing power staff need to analyze development challenges and identify solutions. The ITS business model combines dedicated business solutions centers that provide services tailored to specific World Bank Group business needs and shared services that provide infrastructure, applications and platforms for the entire Group. ITS is one of three VPUs that have been brought together as the World Bank Group Integrated Services (WBGIS), to provide enhanced corporate core services and enable the institution to operate as one strategic and coordinated entity.

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), provides leadership in managing the functions and activities of information security and risk management, IT service management and business continuity, sourcing and vendor management, and enterprise architecture across the World Bank Group, enabling the achievement of WBG’s business objectives.

One of the major programs of ITSSR is the identification and protection of the WBG critical information assets. Last year ITSSR engaged one of the big consulting firms in the industry to develop a framework to identify the WBG critical information assets. ITSSR is currently looking for a resource who will socialize and implement the framework and mor importantly identify the WBG critical information assets.

Duties and Accountabilities:

The candidate will be responsible for, but not limited to the following:

  • Develop and execute a detailed project plan for implementing the WBG critical information asset framework.
  • Assist in liaising with all business units in the Bank Group to collect, synthesize and analyze information assets produced and consumed by the business units to identify the WBG Critical information assets.
  • Schedule and conduct interviews with WBG business units to collect and assess criticality of information assets leveraging the Critical Information Assets Identification Framework.
  • Develop interview questions for WBG units to gather data on information assets created and consumed by WBG business processes.
  • Develop proposed list of Critical Information assets based on information collected from the WBG units.
  • Develop and maintain a sustainable process for validating the list of critical information assets.
  • Collaborate with WBG units to develop and maintain the WBG information asset register.
  • Develop and implement an awareness campaign for the program to socialize the critical information asset framework.
  • Provide significant progress reports and dashboards to the management teams.
  • Review and edit/update Critical Information asset documentation.
  • Interface with WBG business units to understand business processes and the role of information systems in supporting business processes.
  • Coordinate with other OIS teams to provide effective solutions to information security issues pertaining to critical information assets.
  • Interface with the Risk, Certification, and Accreditation team, and Compliance teams to ensure necessary changes reflected in policies to address the risks identified for critical information assets.
  • Build effective relationships with key stakeholders who own and support IT infrastructure, applications, processes and operations throughout the WBG. Gain commitment from stakeholders to maintain the information asset register.

Selection Criteria

  • Master’s degree in Computer Science, Information Systems or a related technical field with a minimum of 2 years experience or Bachelor’s Degree with a minimum of 4 years relevant experience working in an information security or IT audit field in the area of information management or information technology.
  • Demonstrated knowledge and experience in auditing IT and security controls for information assets.
  • Demonstrated experience in identifying critical information assets.
  • Demonstrated experience in implementing and maintaining Information Asset Registers.
  • Demonstrated experience in business process reengineering and data analytics.
  • Demonstrated experience in conducting face-to-face information gathering interviews with diverse clients.
  • Demonstrated experience in synthesizing data collected, performing analysis and formulating significant conclusions and designing reports.
  • Familiarity and understanding of broad range of IT hardware and software products.
  • Thorough understanding of information security risk assessment frameworks including but not limited to those from ISO and NIST.
  • Demonstrated knowledge of security controls for network, database, application and operating systems. Strong knowledge and work experience with logical access controls.
  • Knowledge of best practices and standards for monitoring and reporting information security performance (e.g. key risk and performance indicators, NIST/ PRISMA Maturity levels).
  • Knowledge of ERP and financial system including but not limited to SAP, PeopleSoft and Summit.
  • Possession of industry certifications highly preferred including, but not limited to Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor, Certified Information Systems Security Professional (CISSP) and Information Systems Security Management Professional (ISSMP).
  • Ability to work independently and within groups, must be self-motivated and able to work independently with minimal supervision.
  • Possess excellent written and verbal communication skills, presentation, and problem-solving skills and be able to interact well with peers and internal customers.
  • Ability to build and sustain cooperative and collaborative relationships in a multicultural team environment.
  • Strong sense of urgency necessary to meet objectives and deadlines.
  • Highest ethical standards.

Note: The selected candidate will be offered a one-year appointment, renewable for an additional one year, at the discretion of the World Bank Group, and subject to a lifetime maximum ET Appointment of two years. If an ET appointment ends before a full year, it is considered as a full year toward the lifetime maximum. Former and current ET staff who have completed all or any portion of their second-year ET appointment are not eligible for future ET appointments.

Poverty has no borders, neither does excellence. We succeed because of our differences and we continuously search for qualified individuals with diverse backgrounds from around the globe.

About World Bank

With 189 member countries, staff from more than 170 countries, and offices in over 130 locations, the World Bank Group is a unique global partnership: five institutions working for sustainable solutions that reduce poverty and build shared prosperity in developing countries.

World Bank's mission is to end extreme poverty by reducing the share of the global population that lives in extreme poverty to 3 percent by 2030, and to promote shared prosperity by increasing the incomes of the poorest 40 percent of people in every country.