PAHO Consultant - Information Security Architect and Engineer(ITS)

Benefits

Additional Information

OBJECTIVE OF THE OFFICE/DEPARTMENT This is a requisition for employment at the Pan American Health Organization (PAHO)/Regional Office of the World Health Organization (WHO) Contractual Agreement: Non-Staff - International PAHO Consultant Job Posting: June 1, 2026 Closing Date: June 8, 2026, 11:59 PM Eastern Time Primary Location: Off Site Organization: ITS Information Technology Services Schedule: Full time PURPOSE OF CONSULTANCY Information Security Consultant - Security Architect and Engineer PAHO is searching for an independent consultant to work at the Department of Information Technology Services (ITS), who will be responsible for the implementation of the following deliverables and activities within PAHO's Information Security Program: 1. Background The Pan American Health Organization (PAHO), as the specialized international health agency for the Americas and Regional Office for the Americas of the World Health Organization, relies on secure, resilient, and trusted digital services to support its technical cooperation, administrative operations, and regional public health mandate. The Department of Information Technology Services (ITS), through the Information Security Program, is strengthening PAHO's cybersecurity architecture and engineering capabilities to address the evolving risks associated with cloud services, mobile access, SaaS platforms, data protection, artificial intelligence-enabled solutions, and internet-facing applications. In this context, PAHO requires specialized consultancy support to enhance security architecture and technical controls across key areas, including application and AI security assessments, Cloud Security Posture Management (CSPM), Zero Trust Architecture, secure configuration standards, data and AI protection, Mobile Device Management (MDM), Web Application Firewall (WAF) and API security, and incident response enablement. 2. Purpose of the Consultancy The purpose of this consultancy is to provide specialized Security Architecture and Engineering support to PAHO's Information Security Program by designing, reviewing, and enabling technical security controls across cloud, application, data, AI-enabled, endpoint, and mobile environments. The consultant will support the assessment of applications, platforms, and AI-enabled services; contribute to the improvement of PAHO's cloud, data and AI security posture; define and maintain secure configuration standards and security baselines; support the secure use of mobile devices through Microsoft Intune; and develop architectural recommendations, playbooks, and technical guidance to strengthen incident response enablement and security visibility. DESCRIPTION OF DUTIES: 3. Duties and Responsibilities Under the supervision of the Information Security Advisor (CISO), the consultant will perform the following activities: A. Application Security and AI Security ITS Accreditation Process: Support the ITS Accreditation Process by assessing applications, systems, and AI-driven solutions to identify security and privacy risks, and by providing technical security recommendations to ensure required controls and organizational standards are met. Findings Management and Risk Mitigation: Document security assessment findings and coordinate follow-up actions with application owners, technical focal points, and/or custodians to support the mitigation of identified risks and maintain a robust and resilient security architecture. Application, COTS, and AI-enabled Services Assessments: Perform security assessments of COTS applications, platforms, APIs, and AI-enabled services prior to onboarding, ensuring alignment with organizational security requirements, data protection standards, and approved AI usage guidelines. API Security and Secure Integrations: Assess API exposure, authentication mechanisms, authorization controls, data flows, and integration patterns for applications, AI-enabled services, and third-party platforms to reduce risks associated with insecure interfaces or excessive access. B. Cloud Security Posture Management, AI Security Posture, and Zero Trust Cloud & AI Security Posture Management (CSPM / AISPM): Design and enhance security controls and visibility across PAHO cloud ecosystem, including AI-enabled services, leveraging the Microsoft Defender security stack, Entra ID Protection, and Web Application Firewall (WAF) solutions. Cloud Control Enhancement and Remediation Support: Collaborate with responsible technical teams to support the remediation of identified cloud security gaps and architectural weaknesses, ensuring timely risk mitigation, and contributing to a resilient cloud and AI security posture that addresses both traditional and AI-driven threats. Zero Trust Architecture (ZTA): Design and support the implementation of Zero Trust architectures based on "never trust, always verify" principles, prioritizing advanced Identity and Access Management (IAM), conditional access, network micro-segmentation, work

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at paho? Share your experience