Opening...
Opening...
Do you want to build a career that is truly worthwhile? Working at the provides a unique opportunity for you to help our clients solv... Explicit requirements include 7 years of relevant experience and Certification (GIAC). Appears limited to nationally recruited or locally authorized candidates.
Last checked: 56 minutes ago
Closing date: Thursday, 18 June 2026
Country: India
Duty station: Chennai, India
Contract type: Local Recruitment | 1 year 0 months
Grade: ET3
Applicant eligibility: Local / national only
Ad
Ad
E T Temporary
Job #: req36873 Organization: World Bank Sector: Information Technology Grade: ET3 Term Duration: 1 year 0 months Recruitment Type: Local Recruitment Location: Chennai,India Required Language(s): English Preferred Language(s): Closing Date: 6/17/2026 (MM/DD/YYYY) at 11:59pm UTC
Description
Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 130 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org
ITS Vice Presidency Context:
The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video:https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w
Unit Context:
The ITS Information Security and Risk Management (ITSSR) unit, led by the Chief Information Security Officer (CISO), provides enterprise wide leadership for information security and risk management across the World Bank Group.
The ITS Risk Management (ITSRM) unit within ITSSR has been tasked with providing technical and architectural information security solutions for The World Bank Group and needs an Information Security professional who is results oriented, multi-disciplined and experienced in evaluating information security controls in web, cloud, AI, mobile and complex business applications
Duties and accountabilities:
The Extended Term Temporary will have responsibilities for specific individual tasks and for working as an integral part of the team in executing ITSRM's work program. The primary responsibilities will include, but are not limited to, a combination of the following:
• Review the security architecture evaluation of WBG new systems and create security test plans based on existing and planned controls and recommendations.
• Perform security analysis of the different layers of the systems (application, API, operating systems, and database layers) by performing source code review, manual testing and automated system vulnerability assessment scans using various web, application, operating systems, source code and database vulnerability scanners.
• Perform manual vulnerability assessment, produce reports, and walk development team through issues.
• Perform security testing for cloud-based solutions, M365 platform applications.
• Perform Gray-Box/White-Box security testing of applications. Perform SAST, SCA analysis of the application code.
• Perform application security testing on both native and web-based mobile applications on different mobile platforms.
• Review testing results reports and work with the application development community to remediate issues following a risk-based approach.
• Maintain detailed documentation of test procedures and findings in ITSRM ticketing system.
• Perform AI Security testing and AI security controls Assessment
• Understanding the Agile framework and its application in security testing.
• Stay abreast of newer trends, technologies such as AI and the tools, techniques used for application security testing.
Selection Criteria
Attention: Preference will be given to local talent, that is, applicants that are authorized to work in the duty station for any employer. Internal applicants may apply per existing guidelines.
• High school diploma with 7 years of relevant experience or equivalent combination of education and experience in application security and participated in bug-bounty programs.
• Proven level of understanding of the security architecture and security requirements of enterprise applications and platforms, and hands-on experience in preparing risk-based test plans and performing the security testing on the different layers of those information systems.
• In-depth knowledge of common security vulnerabilities of OWASP Top 10 for web, API, mobile, LLMs and common exploit techniques.
• Demonstrated hands-on experience with web application security manual testing, source code review, identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and validating test results, analyzing vulnerabilities, and helping develop platform specific remediation plans.
• Understanding of cloud technology (e.g., AWS, MS Azure, MS Office 365, MS Power Apps), web application technologies (e.g., Java, .NET, Drupal) and operation/configuration of common web servers (e.g., IIS, Apache) is an added plus.
• Experience with mobile application security testing on different mobile platforms (iOS and Android) is an added plus
• Industry certifications highly preferred including, but not limited to, Certified Ethical Hacker (CEH), Hack The Box Certified Penetration Testing Specialist (CPTS) , Microsoft Certified: Azure Security Engineer Associate (AZ-500), Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC).
WBG Culture Attributes:
1. Sense of urgency: Anticipate and quickly respond to the needs of internal and external stakeholders.
2. Thoughtful risk-taking: Challenge the status quo and push boundaries to achieve greater impact.
3. Empowerment and accountability: Empower yourself and others to act and hold each other accountable for results..
World Bank Group Core Competencies
As per WBG policy, an Extended Term (ET) appointment is subject to a lifetime maximum of three (3) years. Former and current ET staff who have completed or are in the process of completing their third-year ET appointment are not eligible for future ET appointments.
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC including our values and inspiring stories.
Ad
Ad
