Do you want to build a career that is truly worthwhile? Working at the World Bank provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank consists of two entities – the International Bank for Reconstruction and Development (IBRD) and the International Development Association (IDA). It is a global development cooperative owned by 189 member countries. As the largest development bank in the world, the World Bank provides loans, guarantees, risk management products, and advisory services to middle-income and creditworthy low-income countries, and coordinates responses to regional and global challenges. Visit http://www.worldbank.org.
ITS Vice Presidency Context:
Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.
Our vision is to transform how the Bank Group accomplishes its mission through information and technology. In this fast-paced, ever-changing world, the formulation and implementation of the ITS strategy is an ongoing, iterative process of learning and adaptation developed through extensive consultations with business partners throughout the World Bank Group.
ITS shapes its strategy in response to changing business priorities and leverages new technologies to achieve three high-level business outcomes: business enablement, by providing Bank Group units with innovative digital tools and technologies to transform how they deliver value for their clients; empowerment & effectiveness, by ensuring that all Bank Group staff are connected, able to find information, and productive to accelerate the delivery of development solutions globally; and resilience, by equipping the Bank Group to provide risk-based cybersecurity and robust data protection for a global network and a growing cloud platform.
Implementation of the strategy is guided by three core principles. The first is to deliver solutions for business partners that are customer-centric, innovative, and transformative. The second is to provide the Bank Group with value for money with selective and standard technologies. The third principle is to excel at the basics by providing a high performing, robust, and resilient IT environment for the organization.
The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the information security and risk functions and activities across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR supports and facilitates a risk aware culture, ensuring that WBG information assets are protected in an effective, efficient, and balanced manner and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank’s business and IT strategy. ITSSR comprises of the following functions: Security Operations, Risk Management and Advisory, IT Policy, IT Compliance, Program Management Office (PMO), Business Continuity, and Sourcing and Vendor Management.
ITSSR is looking to add a security-minded, mission-driven analyst for Cybersecurity Awareness Program to help build out a multi-channel, multi-audience security awareness program and execute program activities to educate, train and bring awareness of good cybersecurity practices and procedures to all WBG staff. This work will require cross-functional collaboration with all parts of the ITS organization, especially within the ITSSR functional teams. The prospective candidate should possess a blend of communication, change management and training skills, and can combine that with business insight, strategic and tactical approaches to plan and implement an impactful cybersecurity awareness program.
The security awareness analyst will report to the PMO Lead in the Security and Risk Management (ITSSR) department. The analyst will be part of a small team responsible for coordinating the WBG Cybersecurity Awareness program, collaborating across ITSSR and ITS. The analyst will work under the direction of a senior team member and will support the development, review, implementation, and maintenance of the WBG Cybersecurity awareness program.
Under the supervision of the ITSSR PMO Lead / senior security awareness team member, the primary responsibilities will include, but are not limited to, a combination of the following:
a)Security Awareness Research and Planning:
•Assist with the overall program development, planning, implementation, and evaluation i.e., assist with setting program objectives, measuring, and reporting impact.
•In consultation with SMEs, research and identify topics of interest using different information channels.
•Identify top human risks to the organization and the behaviors that must change to mitigate those risks.
•Stay abreast of current cybersecurity and security awareness trends and best practices that will lead to secure user behaviors.
•Research and implement new / improve current activities and approaches to maximize their impact.
•Identify user groups for targeted awareness and determine the most optimal way to address these different user groups.
•Coordinate planning and implementation of individual cybersecurity awareness initiatives including identifying target user groups, setting timeline, gathering and analyzing feedback.
b)Content Development and Training Delivery
•In coordination with SMEs, develop topic/audience-specific content for awareness training.
•Conduct and/or facilitate awareness activities and training both in person and virtually.
•Maintain and grow the library of awareness materials on various cybersecurity topics.
•Promote awareness activities and messaging using a variety of internal comms channels.
•Support and grow the online community of WBG users with interest in cybersecurity.
c)Reporting and Assessment:
•Coordinate periodic cybersecurity awareness assessments for WBG staff or selected groups.
•Periodically assess for gaps and recommend improvements for program reach and impact.
•Gather and link data on security behaviors and perceptions, collate and report information, identify direct cause-and-effect relationships, identify trends and exceptions, investigate to define problems more accurately.
•Prepare periodic program reports for management and various stakeholder groups.
•Provide recommendations that align short-term needs with strategic performance drivers.
•Seek and analyze facts, data, and lessons of past experiences to support sound, logical decisions regarding own and others’ work.
•Analyze situations and determine alternative or creative scenarios and approaches to add value to the business in new and different ways.
The security awareness analyst is expected to have the following qualifications:
•A bachelor’s degree in communications, marketing, social sciences, or other relevant area and with 4 years of work experience or Master’s degree with 2 years relevant experience.
•At least 2-4 years of experience in cybersecurity awareness or a related field.
•Proven experience of at least 1-2 years of supporting cybersecurity awareness activities.
•Excellent verbal and written communication including ability to transform complex or technical concepts into simple, clear, and concise messages for general audience.
•Excellent presentation skills including delivery of training in front of large audiences.
•Ability to communicate well across boundaries and coordinate activities of others.
•Proven mastery of various social media and tools for impact.
•Strong planning and organizational skills.
•Strong analytical skills, applies critical thinking to current approaches, identifies areas for improvement, and tries new solutions that drive results.
•Proven ability to prepare and deliver training in person and online.
•Ability to quickly learn new concepts and tools, actively invests in own knowledge and seeks feedback.
•Knowledge of a broad range of information technology and cybersecurity topics and best practices.
•Show initiative when necessary and makes decisions and/or escalate / seek decision in a timely manner within own area of responsibility.
•Preferred – Knowledge of behavioral psychology/sociology, behavioral economics concepts.
World Bank Group Core Competencies
The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC, including our values and inspiring stories.
|Country:||-- United States|
|City, State:||Washington D.C.|