Job Summary

The Information Technology Department (ITD)’s Infrastructure and Operations (IO) division of the International Monetary Fund (IMF) is seeking to fill aProduct/Platform Security Engineer (Identity and Access Management).

Under the general supervision of the Section Chief- Cybersecurity Platforms, this role will be responsible for managing the Fund’s Enterprise IAM platforms and working closely with the IAM stakeholders, including Information Security, Architects/Engineers, Human Resources and other Fund Departments.

Primarily, the candidate will lead the engineering, implementation and operations of Identity Governance and Administration and Privileged Access Management services.Additional responsibilities will include managing other IAM services, such as Access Management, PKI, ABAC, SSO, Azure Entra ID, B2B, B2C, etc.

Major Duties and Responsibilities

2.Work closely with the IAM Governance Lead, translate IAM business requirements to functional and technical IAM requirements, and support IAM governance activities.

3.Support the Section Chief in developing and implementing effective IAM processes and an operating model. Manage the IAM operations teams comprising contractors and MSP personnel ensuring timely delivery of key services.

4.Simplify and manage the lifecycle of digital identities for staff, vendors, managed service providers and other contractual types.

5.Manage the security, availability (HA and DR), and performance of the IMF’s IdP and IGA applications implementing rigorous resiliency measures to safeguard critical assets.

6.Identify opportunities and implement automation for operational tasks to improve performance and reduce operator errors utilizing scripting.

7.Lead the integration of IAM systems with internal and external systems and applications, ensuring seamless and secure access management across the technology ecosystem.

8.Understand all aspects of dependencies for business processes on IAM systems, andmanage resolution of root causesfor performance, reliability, or availability issues and deliver innovative solutions.

9.Implement JIT and Zero Trust standards and processes for privilege identity management to ensure strong lifecycle management and governance for the identities that have access to IMF’s crown jewels.

10.Stay at the forefront of emerging identity trends, technologies, and best practices, and apply this knowledge to enhance IMF’s identity management strategies.

11.Work with the IMF’s security operations center, implement effective monitoring and audit access controls and permissions to identify potential security breaches or policy violations.

12.Collect, track and report on various IAM service SLAs/metrics/KPIs/KRIs.

13.Create end user training materials and conduct user training.

Minimum Qualifications

Advanced degree in information security, computer science, engineering, mathematics or related field of study or equivalent, plus a minimum of 4 years of relevant professional experience; or a bachelor’s degree in computer science or a related field of study plus a minimum of 10 years of relevant professional experience, is required.

Candidatesshouldpossessone or more of the following certifications— CISSP, CISM, SABSA, GCSA, ITIL.

Must have a minimum of 3years’ experience managing enterprise-wide Identity and Access Management services.

Knowledge and/or experience in:

• Implementing Identity Governance and Administration services using IGA platforms such as SailPoint, Saviynt, Oracle Identity Governance, Okta, etc.

• Engineering, implementation and operations of identity management, access provisioning, workflows, ABAC/RBAC, IAM lifecycle management, analytics, roleand entitlement engineering.

• IAM systems such as Microsoft Active Directory, Azure AD, Okta, F5, Saviynt (preferred), SailPoint, or similar platforms.

• Modern approaches to IAM with Microsoft Azure/AD/SSO, OAuth, OpenID, WebAuthand SAML.

• Scripting languages (e.g., PowerShell, Python) for automation of IAM tasks.

• Privileged Access Management solutions such as CyberArk, Microsoft Azure PIM, etc.

• Enterprise level IT service management, including continuous service improvement.

• Operationalizing enterprise wide IAM Governance and metrics.

• IAM API and customer (B2B, B2C) IAM solutions.

• Cloud-based IAM solutions and services (Microsoft Azure).

• Engineering and operating highly resilient PKI and Key Management services.

Work management skills

• Familiarity with a broad range of technologies supplemented by in-depth knowledge in specific areas of relevance. Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.

• Excellent insight of business and technology trends and their impact (risks and opportunities) to business enablement.

• Analytical skills that enable synthesis and correlation of inputs from many sources and allow for strategic thinking and tactical implementation.

• Ability to establish and maintain effective partnerships and working relations in a multi-cultural, multi-ethnic environment with sensibility and respect for diversity.

• Excellent management, organizational and interpersonal skills to influence others towards a shared vision and positive results with or without the line of command.

• Excellent written and verbal communication skills that are compelling, convincing and reassuring, with the ability to articulate complex technical ideas to non-technical stakeholders.

• Personal drive, ownership and accountability to meet deadlines and achieve agreed-upon results.

• Proven ability to collaborate with IT colleagues to prioritize work, develop roadmaps, enhance services, and contribute meaningfully to the department’s service delivery.