JOB DESCRIPTION

IT Analyst, Security, Risk and ComplianceDescriptionDo you want to build a career that is truly
worthwhile? Working at the World Bank Group provides a unique opportunity for
you to help our clients solve their greatest development challenges. The World
Bank Group is one of the largest sources of funding and knowledge for
developing countries; a unique global partnership of five institutions
dedicated to ending extreme poverty, increasing shared prosperity and promoting
sustainable development. With 189 member countries and more than 130 offices
worldwide, we work with public and private sector partners, investing in
groundbreaking projects and using data, research, and technology to develop
solutions to the most urgent global challenges. For more information, visit www.worldbank.org
ITS Vice Presidency Context:
The Information and Technology Solutions
(ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its
mission of ending extreme poverty and boost shared prosperity on a livable
planet by delivering transformative information and technologies to its staff
working in over 150+ locations. For more information on ITS, see this video:https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7wThe mission of the Information and Technology Solutions
(ITS) Vice Presidential Unit (VPU) is to leverage information and technology as
a force multiplier to accelerate, deepen, and sustain development impact. Their
vision is to harness information and technology for a world free of poverty on
a livable planet.
The IT Analyst – IT Compliance will play a critical role in
supporting the organization’s ICFR program, with a focus on IT General Controls
(ITGCs). The candidate will be responsible for conducting pre-implementation
reviews of ICFR in-scope systems, evaluating the design and operational
effectiveness of ITGCs, and performing compliance assessments to ensure
alignment with organizational IT policies, policies and relevant IT control frameworks.
The role requires modern technical skills, experience with Agile methodologies,
and relevant professional certifications to support a strong and effective IT
control environment.

Duties and Accountabilities:
The candidate will be responsible for, but not limited to
the following:– Support
the Internal Controls over Financial Reporting (ICFR) program for IT
General Controls.– Collaborate with external auditors on audit planning,
testing and evaluation procedures, and ensure compliance with the
requirements.– Assist
in controls implementation including documentation of processes and
procedures to address the ICFR requirements for the IT General Controls
for Information Security, Change Management and IT Operations areas.– Evaluate
the design and operating effectiveness of Information Technology General
Controls and system-dependent automated controls.– Conduct
IT technical and process audits as well as compliance assessments based on COBIT, ISO 27001, ISO 20000 and NIST frameworks.– Develop
test plans and detailed test procedures to assess operating effectiveness
of IT technical and process controls.– Assess
compliance against technical standards for various platforms and
technologies.– Discuss
compliance and audit issues with stakeholders and develop action plans to
address them.– Provide
recommendations to strengthen IT General Controls (ITGCs) and related
processes, informed by assessment findings, evolving risk landscapes, and
industry best practices.
– Design
and implement IT controls aligned with SAFe Agile methodologies and
emerging AI technologies.
– Support the integration of automation and AI
solutions to enhance the effectiveness and efficiency of control
monitoring and compliance activities.– Collect,
evaluate, and maintain data to ensure that required management reporting
is completed as needed. This also includes inputting appropriate data
into GRC tools.– Assist
in monitoring open audit items from audits to ensure execution of remedial
activities defined in the agreed action plans and risk treatment plans.– Build
effective relationships with key stakeholders who own and support IT
infrastructure, applications, processes and operations throughout the WBG.
Gain commitment from stakeholders to implement recommended and agreed
information technology and security controls and treatment plans.– Provide
timely updates to supervisor on assigned projects.– Demonstrate
work commitment and drive for results.– Set
high standards of performance; pursue aggressive goals and work hard to
achieve them.Selection Criteria* Bachelor’s
degree with 4 years relevant experience or master’s degree with a minimum
of 2 years of relevant experience.* Experience
in conducting design and operating effectiveness testing for IT General
Controls.* Demonstrated
knowledge and experience in auditing IT and security controls for network,
operating systems, databases, platforms, IT applications and cloud environments.* Demonstrates
comprehensive knowledge of Agile methodologies, artificial intelligence
(AI) frameworks, and the associated compliance and security implications.* Familiarity
with industry standards and frameworks including ISO 27001, ISO 20000, COBIT
and NIST.
* Possession
of industry certifications highly preferred including but not limited to
Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor,
Certified Information Systems Security Professional (CISSP) and Certified
Agile Practitioner (e.g., SAFe, Scrum Master).* Ability
to work independently and within groups, must be self-motivated and able
to work independently with minimal supervision.* Posses
excellent written and verbal communication skills, presentation, and
problem solving skills and be able to interact well with peers and
internal customers.
WBG Culture Attributes:1. Sense
of Urgency – Anticipating and quickly reacting to the needs of internal
and external stakeholders.
2. Thoughtful
Risk Taking – Taking informed and thoughtful risks and making courageous
decisions to push boundaries for greater impact.
3. Empowerment
and Accountability – Engaging with others in an empowered and accountable
manner for impactful results.World Bank Group Core CompetenciesThe World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.Learn more about working at the World Bank and <a style="color: #0000ee; font-weight: initial;" href="https:/%0A</p>%0A%0A</li>%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20</div>%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20</div>%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20<div%20class=” action-button>