Work for the IMF. Work for the World.
The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. Our commitment is to:
Maintain and elevate the performance of pivotal IT systems and infrastructure.
Fortify and mature the IMF’s cybersecurity posture, safeguarding the integrity and resilience of global financial and economic systems.
Align IT initiatives with the IMF's strategic objectives, maximizing the impact of technology on global economic policies.
Deliver unparalleled value, optimizing the blend of quality, cost-effectiveness, and stakeholder satisfaction in every project.
Empower the IMF's business technology strategy, ensuring it aligns with both current needs and future visions.
A CALL TO ACTION FOR CYBERSECURITY PIONEERS
As we expand our capabilities, we seek experts in cybersecurity ready to dive deep into the complexities of capabilities that enable global finance and economics. Your expertise is vital in securing the future of international economic stability.
Job Summary
The Information Technology Department (ITD)’s Infrastructure and Operations (IO) division of the International Monetary Fund (IMF) is seeking to fill a Product/Platform Security Engineer PAM/PKI Engineer).
Under the general supervision of the Section Chief- Cybersecurity Platforms, this role will be responsible for managing the Fund’s managing the Fund’s Enterprise PAM and PKI solutions and working closely with the IAM stakeholders, including Information Security, Architects/Engineers, Human Resources and other Fund Departments.
Primarily, the candidate will lead the engineering, implementation, and operations of Enterprise Privileged Access Management (PAM) and Public Key Infrastructure (PKI) services. Additional responsibilities will include managing other IAM services, such as Access Management, ABAC, RBAC, SSO, Azure Entra ID, B2B, B2C, etc.
Major Duties and Responsibilities
1. As the technical owner, engineer, implement, and maintain enterprise PKI and PAM capabilities that are pragmatic, user friendly, and meet the IMF’s security and privacy policies, standards, and architectural principles. This includes PKI and PAM infrastructure, including certificate authorities (CAs), hardware security modules (HSMs), code signing services, and certificate management systems.
2. Working with the information Security Group, develop and maintain policies and procedures for certificate issuance, renewal, revocation, and recovery.
3. Working closely with the IAM Governance Lead, translate PKI and PAM business requirements to functional and technical requirements and technical roadmaps.
4. Support the Section Chief in developing and implementing effective PKI and PAM processes and an operating model. Manage the PKI and PAM operations teams comprising contractors and MSP personnel ensuring timely delivery of key services.
5. Provide consulting and guidance to application teams around privileged access management, and cryptographic technologies.
6. Facilitate periodic access reviews, certifications, and audits to ensure compliance with IMF’s security policies and standards.
7. Manage the security, availability (HA and DR), and performance of the IMF’s PKI and PAM applications implementing rigorous resiliency measures to safeguard critical assets.
8. Identify opportunities and implement automation for operational tasks to improve performance and reduce operator errors utilizing scripting.
9. Lead the integration of PKI and PAM systems with internal and external systems and applications, ensuring seamless and secure access management across the technology ecosystem.
10. Understand all aspects of dependencies for business processes on PKI and PAM systems, and manage resolution of root causes for performance, reliability, or availability issues and deliver innovative solutions.
11. Implement JIT and Zero Trust standards and processes for privilege identity management to ensure strong lifecycle management and governance for the identities that have access to IMF’s crown jewels.
12. Stay at the forefront of emerging encryption technologies, PKI and PAM standards, and