PAHO
ITS Information Technology Services
PAHO Consultant - Information Security Architect and Engineer (ITS)
Organizational Context
The Pan American Health Organization (PAHO) serves as the Regional Office for the Americas of the World Health Organization (WHO), relying on secure digital services for its operations and public health mandate.
Job Purpose
To provide specialized Security Architecture and Engineering support to PAHO's Information Security Program by designing, reviewing, and enabling technical security controls across cloud, application, data, AI-enabled, endpoint, and mobile environments.
Responsibilities
Assess applications, systems, and AI-driven solutions for security and privacy risks. Document and coordinate mitigation of security findings. Perform security assessments of COTS applications, platforms, APIs, and AI-enabled services. Assess API exposure, authentication, authorization, and data flows. Design and enhance cloud and AI security controls using Microsoft Defender, Entra ID, and WAF. Support remediation of cloud security gaps. Design and support Zero Trust architectures, extending controls to machine and non-human identities. Support the design and architectural enablement of data discovery and mapping. Support the architecture, configuration, and control design for DSPM solutions. Support configuration of data classification, labeling, and retention mechanisms. Provide technical guidance for DLP and Generative AI guardrails. Collaborate on architectural recommendations for a secure data lifecycle. Define, maintain, and update security baselines and secure configuration standards. Support continuous improvement of secure infrastructure practices. Support the technical maintenance and improvement of Mobile Device Management (MDM) using Microsoft Intune. Design and develop incident response playbooks and automation workflows. Strengthen security detection and protection mechanisms using identity signals and conditional access policies. Support the analysis and architectural design of security log ingestion, correlation, and retention models.
Work Experience
At least thirteen years of combined experience in information security, security operations, cloud and IT operations. Proven experience designing, assessing, and supporting security controls in multi-cloud and enterprise environments. Experience with Cloud Security Posture Management (CSPM), secure configuration standards, and Zero Trust initiatives. Experience applying cybersecurity frameworks (NIST CSF 2.0, CIS Controls, ISO/IEC 27001, data protection frameworks). Experience with Microsoft Azure security services and ecosystem (Microsoft Sentinel, Defender, Entra ID, Intune). Experience performing technical security assessments of applications, APIs, cloud services, SaaS platforms, and AI-enabled solutions. Experience supporting incident enablement, including playbooks, automation, logging, and security visibility. Working knowledge of scripting, query, and automation languages (PowerShell, Python, KQL, JavaScript, shell scripting) and database technologies (SQL Server, PostgreSQL, MySQL).
Skills
Ability to work collaboratively with cross-functional teams. Ability to clearly communicate technical risks and security requirements to diverse stakeholders. Strong analytical, problem-solving, documentation, and coordination skills. Ability to translate security findings into actionable technical recommendations and implementation guidance.
Required Languages
English
Desired Languages
Spanish
Summary based on official posting. Please verify all details on the official website.