Information Security Specialist
About the position
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. The Bank believes in work flexibility to balance the demands of work and life while also connecting and collaborating with our colleagues in person. Employees can expect to be in the office a couple of days per week as needed for meetings and team collaboration and should live within a commutable distance. Information Security New York (ISNY) is responsible for developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank. Within Information Security, the Risk Assessment and Management Department (RAM) is responsible for assessing risks associated with 3rd party vendors systems, software, IoT devices, ICS, technology processes, or outsourcing arrangements handling, processing, or storing Federal Reserve data. The team works directly with the business providing guidance and managing risks. The department is also responsible for the integration of security practices into DevSecOps methodology, performing application security testing and working directly on tooling integration as part of the CI/CD pipeline. The engagement and guidance to the product development teams are implemented through the Security Champion Program ensuring each product team has developers trained in security matters. As an Information Security Specialist, you will work in a dynamic team environment and play an important role in helping the Federal Reserve carry out its responsibilities. The Cyber Security Risk Expert will be responsible for risk assessments, Cloud mitigations, security testing and overall risk management. The role is an individual contributor who will work closely with technology squads to flawlessly deliver technology projects to the business customers. The candidate will be required to perform risk assessments which include application security testing focusing on Cloud migration workloads. The position resides in the Information Security Function and reports to Cyber Security Assurance Manager.
Responsibilities
? Perform Cloud application security risk assessments.
,
? Execute assessments timely and accurately.
,
? Manage relationship with the business unit assigned.
,
? Embed within the development squad to provide timely security advice.
,
? Perform application security testing ensuring only compliance workloads move to the Cloud.
,
? Support development squads in implementing security tooling in the CI/CD pipeline.
Requirements
? Experience in executing assessments in the Cloud and against third party SaaS solutions.
,
? Expert knowledge of performing risk management based on NIST 800-53 and FedRamp.
,
? Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
,
? Experience in thriving in the DevSecOps culture.
,
? Demonstrated leadership experience managing projects, strong decision making and execution abilities.
,
? Strong experience managing and timely resolving security findings in the Agile management practice.
,
? Experience in application security testing skills supporting CI/CD pipeline.
,
? Possession of or the ability to obtain and maintain National Security Clearance, which includes U.S. Citizenship.
Nice-to-haves
Benefits
? Fully paid Pension plan and 401k with Generous Match
,
? Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
,
? Subsidized Public Transportation Program
,
? Tuition Assistance Program
,
? Onsite Fitness & Wellness Center
Apply Job!