FRFS Cyber Security Specialist

Company

Key Activities:

• Execute and maintain NIST based cyber risk assessments and management practices on FRFS information technology cloud and on-premises portfolio.
• Identify measure monitor and report on security risks within the information technology domain and assess the adequacy of controls including information security cybersecurity and mitigation practices for technical vulnerabilities.
• Execute and maintain software security practices including security policies for tooling (SAST DAST OSS IAST) to increase effectiveness and reduce false positives; promote and build procedures for the security champions in the Agile squads; and bring IS policy and standard expertise into the Agile squads.
• Review results from technical testing tools to identify vulnerabilities and contextualize the business impact on the respective payment services.
• Contribute to the vision strategy values and priorities that help the FRFS enterprise achieve its mission as a member of the FRFS Technology Team.
• Develop close relationships with key stakeholders and external partners to ensure contemporary thinking including the FRFS Technology Leadership Team FRFS Leadership Team and National IT stakeholders with particular emphasis on collaboration with the Office of the Chief Information Security Officer to ensure complementary actions and avoid duplicative services.

What We Look For

• Demonstrated working knowledge of enterprise cyber risk assessment and management and software security practices or equivalent experiences.
• Understanding and working experience with risk management and control frameworks (NIST 800-53) and industry best practices. Understanding of vulnerability risk impact on key outcomes and critical processes.
• Experience in risk management programs and initiatives to inform critical business strategies and processes. Knowledge of and experience implementing industry standards frameworks and best practices in cyber risk management programs practices and processes inclusive of risk identification analysis response communication monitoring and escalation.
• Experience in conducting IS or Cyber Risk assessments with Cloud and/or on-premises products in an agile development environment.
• Works independently with little oversight serves as a thought leader for solving complex business problems with innovative solutions.
• Demonstrated ability to collaborate with peers in developing security and technical testing practices in alignment with business needs and FR System standards translate the practices into actionable plans and deliver results.
• Demonstrated ability to work cross-System with both embedded and matrixed resources in pursuit of a common objective.
• Excellent change management skills including advocating anticipating and orchestrating change.

Qualifications:

• Bachelors degree required in business technology information security or related fields or equivalent work experience.
• A minimum of 3 years of progressive experience in technology and information security. 5 years or more of progressive experience preferred.
• Current or prior experience in the FRS is beneficial.
• Federal Reserve System SAFR certification preferred or commensurate certification and experience in information security assurance.

Salary:

The Federal Reserve believes in salary transparency. The final salary and offer will be determined by the applicants background skills internal equity and alignment with market data. Whether youre developing into the job or are a more seasoned candidate we aim to pay competitively. The salary range for this position - if the candidate is hired in NY - is $164400.00 - $223300 - $282400.00. If you reside outside of the 2nd District (New York Fed District) you may be hired by your local Federal Reserve District and compensation will follow hiring Districts range and policy.

The Federal Reserve Bank of Boston is committed to provide equal employment opportunities to all persons without regard to race color religion national origin sex sexual orientation gender identity age genetic information disability or military service.

All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years.

For this job any offer of employment is contingent upon successfully passing a two-phase security screening. The first phase consists of the satisfactory completion of a physical examination (including a drug screening) reference checks and a security investigation consisting of credit and criminal history checks.

The second phase which might not be complete until after you begin working at the Reserve Bank is an additional risk-based security screening determined by the risk rating of the position. Depending upon the sensitivity of the position this phase may include and is not limited to work and residency eligibility verification and personal interviews with the candidate references and prior employers.

All applicants must have resided in the United States for at least three (3) years.

Full Time / Part Time

Regular / Temporary

Job Exempt (Yes / No)

Job Category

Work Shift

The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Always verify and apply to jobs on Federal Reserve System Careers ( or through verified Federal Reserve Bank social media channels.

Privacy Notice