IMF

Security Analyst/Senior Security Analyst (Red Team) - ITDSGGR (Contractual)

USA, Washington DC Full time

Work for the IMF. Work for the World.

 

The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. 

Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:  

  • Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.  

  • Enacting inclusive governance that balances security needs with operational fluidity.  

  • Developing policies and standards that stay ahead of the threat landscape.  

  • Ensuring compliance, resilience, and agility in our cybersecurity posture.  

  • Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the IMF’s information assets, ensuring a secure operational framework.  

  • Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.  

  • Administering a compliance management program dedicated to maintaining firm adherence to the IMF's information security policies and standards.  

  • Preserving a solid enterprise security reference architecture that acts as a safeguard for the IMF's information assets against pertinent threats.  

  • Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the IMF's mission.  

  • Overseeing cyber threat intelligence, incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.  

As we expand our efforts to serve the IMF's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the IMF. 

Job Summary 

The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a Security Analyst/Senior Security Analyst (Red Team) position.  

  

Under the general supervision of an information security assurance manager, the Security Analyst/Senior Security Analyst (Red Team) is responsible for planning, executing, and managing adversarial simulation exercises to assess and improve the organization's security posture. This role leads offensive security assessments, emulates real-world threat actors, and collaborates with several IT and cybersecurity teams to identify security gaps, test detection capabilities, and enhance organizational readiness to respond to cyber-attacks.

Minimum Qualifications 

Education 

Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience working in an offensive security/red teaming role including network, mobile, cloud, social engineering, scripting, etc. 

OR 

Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4 years of relevant experience working in an offensive security/red teaming role including network, mobile, cloud, social engineering, scripting, etc.

 

Certifications: (Minimum plus at least 2 preferred) 

OSCP-Offensive Security Certified Professional or CRTO-Certified Red Team Operator or GIAC Penetration Tester (GPEN) certification (minimum required)  

OSEE-Offensive Security Exploitation Expert (Preferred) 

OSED-OffSec Exploit Developer (Preferred) 

GXPN-GIAC Exploit Researcher and Advanced Penetration Tester (Preferred) 

 

Technical Experience should include:  

Experience working with breach and attack simulation (BAS) solutions to design realistic test cases, measure defensive coverage, and produce actionable remediation reports is required. 

Proficiency in scripting or programming languages (e.g., Python, PowerShell, or C) for automation, custom simulations, and reporting.

A deep technical understanding of the MITRE ATT&CK framework and threat actor tactics, techniques, and procedures (TTPs).

Proven hands-on experience with industry-leading C2 frameworks (Cobalt Strike, Nighthawk, Sliver, Mythic, etc.).

Familiarity with exploit development, privilege escalation, lateral movement, and evasion techniques. 

Practical experience testing and defending Active Directory environments, cloud infrastructure (AWS, Azure, GCP), and container platforms (Docker, Kubernetes), including identifying attack paths and recommending mitigations. 

Knowledge of EDR evasion, memory injection, and obfuscation techniques.  

Deep technical skills in assessing and exploiting vulnerabilities across a variety of platforms, including Windows, Linux, and macOS environments, as well as Active Directory (AD) exploitation and privilege escalation techniques.

Experience with tools used for wireless, web application, and network security testing. Knowledge of a wide array of technologies, including network security, endpoint protection, cloud security, and SIEM systems.

 

Required Soft Skills 

  • Excellent communication skills to document findings and collaborate across multi-disciplinary IT teams to develop documentation and explain technical details. 
  • Ability to work independently and collaboratively in high-pressure environments. 
  • Ethical mindset and discretion in handling sensitive information. 
  • Adaptability to rapidly changing threat landscapes and technologies. 
  • Strong analytical and problem-solving skills. 

 

Major Duties and Responsibilities 

Specific responsibilities include: 

  • Perform Red and Purple Team assessments including adversarial emulation of cyber-attacks against the IMF’s IT environments.  
  • Support the Red Team lifecycle including designing, planning, executing, and reporting on adversary simulation efforts across the IMF. 
  • Support the design, planning, and execution of security controls testing, purple team engagements, and automated adversary simulation exercises.
  • Present complex Red Team engagement findings to non-technical audiences with the purpose of communicating business impact of discovered risks and the recommended risk treatment. 
  • Work closely with multi-disciplinary teams across the IT and information security functions to communicate, enable an appropriate understanding of, and properly address exploitable security gaps discovered throughout the execution of Purple and Red Team exercises.
  • Adhere to all predefined rules of engagement before, during, and after the execution of all Red Team efforts.
  • Drive continuous Red Team innovation and developments, constantly seeking to improve the Red Team service offering from both a technical perspective and strategic perspective. 
  • Support Red Team capabilities through tool creation, research on techniques, incorporation of threat actor intelligence, internal presentations, and knowledge sharing.
  • Develop and maintain in-depth Red Team documentation surrounding both technical and non-technical service functions and tasks.

This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending incumbent's performance, budget availability, and continuous business need. 

Department:

ITDSG Information Technology Department Information Security & Governance

Hiring For:

A11, A12

The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.