IT Policy Development - E T Consultant Job #: req33542 Organization: World Bank Sector: Information Technology Grade: EC2 Term Duration: 1 year 0 months Recruitment Type: Local Recruitment Location: Washington, DC,United States Required Language(s): English Preferred Language(s): Closing Date: 6/26/2025 (MM/DD/YYYY) at 11:59pm UTC
Description
Do you want to build a truly worthwhile career? The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty and promoting shared prosperity. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org.
ITS Vice Presidency Context:
The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video: https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w
The mission of the Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) is to leverage information and technology as a force multiplier to accelerate, deepen, and sustain development impact. Their vision is to harness information and technology for a world free of poverty on a livable planet.
The IT Policy Development Extended Term Consultant will be responsible for developing and maintaining IT policies, ensuring alignment with industry standards and organizational goals. The role requires modern technical skills, experience with Agile methodologies, and relevant certifications to ensure the effectiveness and adaptability of IT policy framework.
Duties and Accountabilities:
The candidate will be responsible for, but not limited to the following:
• Develop and maintain IT and cybersecurity policies, and procedures and ensure that they are aligned to business requirements, information technology strategy, legal/regulatory requirements and leading industry standard frameworks such as COBIT, NIST, ISO 20000, ISO 2700 and SAFe.
• Review and propose changes to existing policies, and procedures to reflect existing business requirements and compliance with applicable regulations.
• Develop, document, and implement IT policies that support Agile methodologies such as SAFe, Scrum, Kanban, and DevSecOps.
• Develop policies for responsible adoption of AI aligned with global standards such as NIST AI RMF, and ISO/IEC 42001.
• Ensure IT governance policies align with Agile principles while maintaining compliance with relevant frameworks and regulatory requirements.
• Establish policies for Agile documentation, change management, and auditability without disrupting Agile velocity.
• Collaborate with cross-functional teams using Agile methodologies to drive IT policy development and implementation.
• Collaborate with Agile teams, IT leadership, and compliance units to embed policy requirements into Agile workflows.
• Demonstrate work commitment and drive for results. Set high standards of performance; pursue aggressive goals and work hard to achieve them.
Selection Criteria
• Master’s degree in computer science, Information Systems or Law degree (J.D. or non-U.S. equivalent) with 5 years relevant experience OR equivalent combination of education and experience.
• Minimum 5-7 years’ substantive IT & cybersecurity experience including developing and implementing IT policies.
Experience in developing IT policies tailored to Agile and DevSecOps practices.
• Strong knowledge of Agile compliance challenges, including security, risk management, and regulatory alignment.
• Strong understanding of AI governance frameworks and experience in drafting AI policies.
• Solid writing and grammar skills with the ability to independently draft policies and standard documents.
• Thorough understanding of best practice and industry standards including, but not limited to ISO 27001, SAFe, ISO 42001, NIST and CIS.
• Possession of industry certifications highly preferred including, but not limited to Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor, Certified Information Systems Security Professional (CISSP) and Certified Agile Practitioner (e.g., SAFe, Scrum Master).
• Ability to work independently and within groups, Must be self-motivated and able to work independently with minimal supervision.
• Excellent communication and stakeholder engagement skills to bridge policy, legal, and technical teams.
• Highest ethical standards.
WBG Culture Attributes:
1. Sense of Urgency – Anticipating and quickly reacting to the needs of internal and external stakeholders.
2. Thoughtful Risk Taking – Taking informed and thoughtful risks and making courageous decisions to push boundaries for greater impact.
3. Empowerment and Accountability – Engaging with others in an empowered and accountable manner for impactful results.
World Bank Group Core Competencies
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC, including our values and inspiring stories.
Note: The selected candidate will be offered a one-year appointment, renewable at the discretion of the World Bank Group, and subject to a lifetime maximum ET appointment of three years. If an ET appointment ends before a full year, it is considered as a full year toward the lifetime maximum. Former and current ET staff who have completed all or any portion of their third-year ET appointment are not eligible for future ET appointments.