International Monetary Fund
Security Operations Center (SOC) Analyst- Tier 3-ITDSG (Contractual)
International Monetary Fund, Washington, District of Columbia, us, 20022
Job Summary

The Information Technology Department (ITD)'s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill the contractual position of Security Operations Center (SOC) Analyst - Tier 3. Under the general supervision of the Section Chief (SOC and Threat Intelligence), the SOC Analyst - Tier 3 is a hands-on analyst responsible for monitoring, detecting, assisting with sensitive investigations, and responding to security incidents, threats, and vulnerabilities in real time. S/he will collaborate with cross-functional teams and external entities to develop and implement security measures, investigate security events, facilitate eDiscovery, and provide proactive incident response services. The ideal candidate should have a strong technical background, excellent analytical and problem-solving skills, and a deep understanding of information security principles and technologies.

Major Duties and Responsibilities

Implements advanced security monitoring and detection mechanisms by integrating actionable threat intelligence and identifying relevant log sources across hybrid environments.
Investigates, analyzes, and resolves complex security incidents, utilizing advanced forensic techniques, malware reverse engineering, and threat-hunting methodologies.
Works closely with the threat intelligence and vulnerability management team to process actionable intelligence, enhancing high-fidelity detection use cases and proactive defense mechanisms.
Collaborates with internal teams, including network operations, security platform administrators, system administrators, cloud administrators, and software developers, to ensure the timely resolution of security issues and incidents.
Continuously improves SOC operations by enhancing incident response, change management, and problem resolution while automating processes to reduce operational inefficiencies.
Provides expert-level guidance to Tier 1 and Tier 2 analysts, supporting complex investigations and contributing to ongoing training and analyst retention strategies under SOC leadership.
Develops, maintains, and updates incident response plans, playbooks, and procedures, ensuring alignment with industry best practices, organizational policies, and crisis management frameworks.
Supports authorized eDiscovery and investigation requests in strict compliance with agreed procedures and playbooks, ensuring chain of custody, documentation, and strict confidentiality.
Manages the work of managed security service providers (MSSPs) and participates in periodic performance reviews focusing on compliance and continuous improvement.

Minimum Qualifications

Educational development, typically acquired by the completion of an advanced university degree, or equivalent, in Computer Science or a related field; or a university degree in Information Security, Computer Science, Information Technology, or a related field from an accredited university plus a minimum of 6 years of progressive security operations work experience in regulated industries.
At least 2 of the following certifications preferred: OSCP, GCIH, GDAT, GREM, GSOC, CEH, GCIA, Azure AZ-500.
Experience working in a global Security Operations Center (SOC) environment, preferably in a Tier 3 role with responsibility for managing the work of analysts and MSSPs.
Security engineering and operations experience in hybrid cloud environments (Azure, AWS, GCP).
Understanding of threat management, security incident response protocols, threat hunting, and vulnerability management principles, tools, technologies, and best practices.
Experience with forensic techniques and toolsets (Volatility, Ghidra, EnCase, FTK, or similar); most major host operating systems and file system types; analysis of many different types of security logs; command line interfaces and scripting tools (PowerShell, grep, awk, sed, etc.); programming languages (Python, Perl, etc.); and/or data interchange formats (e.g. JSON, XML).
Ability to perform memory analysis, malware analysis, and reverse engineering to determine threat impacts.
Strong knowledge of enterprise detection technologies and processes (advanced threat detection tools, NDR, network packet analysis, EDR).
Demonstrated experience utilizing a SIEM such as LogRhythm, Sentinel, or Splunk and implementing advanced log management and automation solutions.
Familiarity with attack detection methodologies and frameworks such as MITRE ATT&CK and NIST CSF, and with CVSS and CWE criteria, enumeration, and scoring.
Enterprise-level IT service management, including continuous service improvement.

Work Management Skills

Familiarity with a broad range of technologies supplemented by in-depth knowledge in specific areas of relevance.
Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.
Excellent analytical and problem-solving skills, with the ability to think critically and make decisions under pressure.
Excellent management, organizational, and interpersonal skills, with or without a line of command.
Excellent written and verbal communication skills that are compelling, convincing, and reassuring.
Personal drive, ownership, and accountability to meet deadlines and achieve agreed-upon results.
Proven ability to collaborate with IT colleagues to prioritize work, develop roadmaps, enhance services, and contribute meaningfully to the department's service delivery.
Keen interest in staying abreast of emerging cybersecurity threats and technologies.

This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending the incumbent's performance, budget availability, and continuous business need.

Department

ITDSG Information Technology Department, Information Security & Governance

Hiring For

A09, A10

The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Other
Industries: International Trade and Development, International Affairs, and Public Policy Offices