Description
Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 130 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org
The WBG consists of five specialized institutions: the International Bank for Reconstruction and Development (IBRD), the International Development Association (IDA), the International Finance Corporation (IFC), the Multilateral Investment Guarantee Agency (MIGA), and the International Centre for the Settlement of Investment Disputes (ICSID).
Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and boosting shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in more than 150 locations.
The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the information security and risk functions and activities across the World Bank Group, enabling the achievement of WBG's business objectives. ITSSR supports and facilitates a risk aware culture, ensuring that WBG information assets are protected in an effective, efficient, and balanced manner and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy.
The ITS Risk Management (ITSRM) unit within ITSSR has been tasked with providing technical and architectural information security solutions for The World Bank Group and needs an Information Security professional who is results oriented, multi-disciplined and experienced in evaluating information security controls in web, mobile and complex business applications.
The Extended Term Temporary would be expected to work primarily in the following areas:
• Interface with ITSRM Security Architecture team members to understand security requirements for WBG information systems (websites, enterprise systems, mobile applications, cloud-based solutions, etc.) seeking security accreditation.
• Prepare risk-based test plans and perform the security testing (tool-based testing, manual penetration testing, source code review, etc.) on the different layers of those information systems in support of the Certification & Accreditation.
The selected candidate will report to the Team Lead of the Certification and Accreditation function.
Duties and Accountabilities
The Extended Term Temporary will have responsibilities for specific individual tasks and for working as an integral part of the team in executing ITSRM's work program. The primary responsibilities will include, but are not limited to, a combination of the following:
• Review the security architecture evaluation of new WBG systems and create security test plans based on existing and planned controls and recommendations.
• Perform security analysis of the different layers of the systems (application, API, operating system, and database layers) through source code review, manual testing, and automated vulnerability assessment scans using various web, application, operating system, source code, and database vulnerability scanners.
• Perform Red Teaming activities for Web, API, Cloud, and AI solutions.
• Perform manual vulnerability assessment, produce reports, and walk the development team through issues.
• Perform security testing for cloud-based solutions and M365 platform applications.
• Perform Gray-Box/White-Box security testing of applications, including SAST and SCA analysis of the application code.
• Perform application security testing on both native and web-based mobile applications on different mobile platforms.
• Review testing result reports and work with the application development community to remediate issues following a risk-based approach.
• Maintain detailed documentation of test procedures and findings in the ITSRM ticketing system.
• Understand AI models and their security testing.
• Understand the Agile framework and its application in security testing.
• Stay abreast of newer trends and technologies such as AI, and of the tools and techniques used for application security testing.
Note: Preference will be given to local talent, that is, applicants who are authorized to work in the duty station for any employer. Internal applicants may apply per existing guidelines.
Selection Criteria
• High school diploma with 7 years of relevant experience, or an equivalent combination of education and experience in application security, and participation in bug-bounty programs.
• Proven understanding of the security architecture and security requirements of enterprise applications and platforms, and hands-on experience in preparing risk-based test plans and performing security testing on the different layers of those information systems.
• Proven understanding of security in the various phases of the software, system, and data life cycle.
• In-depth knowledge of common security vulnerabilities in the OWASP Top 10 (e.g., SQL injection, cross-site scripting) and common exploit techniques (e.g., character encoding, privilege escalation, directory traversal).
• Demonstrated hands-on experience with manual web application security testing, source code review, and running web application testing tools (e.g., Rapid7, HP WebInspect); identifying vulnerabilities per the SANS 25 or OWASP Top 10 specifications; validating test results; analyzing vulnerabilities; and helping develop platform-specific remediation plans.
• Experience with AWS, Azure, BlackDuck, Rapid7, Veracode, ADAL SDKs for Python, and Selenium scripting is an added plus.
• Understanding of cloud technology (e.g., AWS, MS Azure, MS Office 365, MS Power Apps), web application technologies (e.g., Java, .NET, Drupal), and the operation/configuration of common web servers (e.g., IIS, Apache) is an added plus.
• Experience with mobile application security testing on different mobile platforms (iOS and Android) is an added plus.
• Industry certifications are highly preferred and are an added advantage, including but not limited to: Certified Ethical Hacker (CEH), AWS Solutions Architect Associate, Azure Solutions Architect Associate, eWPT, OSCP, OSWA, Hack The Box certifications, Altered Security red teaming certifications, Microsoft AZ-500, and AI-102.
• Programming/scripting experience or certifications are a plus.
• Ability to work well under pressure and meet tight deadlines; demonstrate a high level of motivation, confidence, integrity, and responsibility.
• Ability to be organized and responsive, and to multi-task effectively with a focus on driving results.
• Demonstrate excellent interpersonal skills, including the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers in the unit and elsewhere in the WBG.
Note: The selected candidate will be offered a one-year appointment, renewable at the discretion of the World Bank Group, and subject to a lifetime maximum ET appointment of three years. If an ET appointment ends before a full year, it is considered as a full year toward the lifetime maximum. Former and current ET staff who have completed all or any portion of their third-year ET appointment are not eligible for future ET appointments.
WBG Culture Attributes:
1. Sense of urgency: Anticipate and quickly respond to the needs of internal and external stakeholders.
2. Thoughtful risk-taking: Challenge the status quo and push boundaries to achieve greater impact.
3. Empowerment and accountability: Empower yourself and others to act and hold each other accountable for results.
World Bank Group Core Competencies
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC, including our values and inspiring stories.