Cyber Cloud Security Risk Specialist
Federal Reserve Bank of Atlanta
CompanyFederal Reserve Bank of New YorkWorking at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems.
The Bank believes in work flexibility to balance the demands of work and life while also connecting and collaborating with our colleagues in person. Employees can expect to be in the office a couple of days per week as needed for meetings and team collaboration and should live within a commutable distance.
What we do:
Information Security New York (ISNY) is responsible for developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.
Within Information Security, the Risk Assessment and Management Department (RAM) is responsible for assessing risks associated with 3rd party vendors systems, software, IoT devices, ICS, technology processes, or outsourcing arrangements handling, processing, or storing Federal Reserve data. The team works directly with the business providing guidance and managing risks. The department is also responsible for the integration of security practices into DevSecOps methodology, performing application security testing and working directly on tooling integration as part of the CI/CD pipeline. The engagement and guidance to the product development teams are implemented through the Security Champion Program ensuring each product team has developers trained in security matters.
Your role as a Cyber Cloud Security Risk Specialist:
You will work in a dynamic team environment and play an important role in helping the Federal Reserve carry out its responsibilities. The Cyber Security Risk Expert will be responsible for risk assessments, Cloud mitigations, security testing and overall risk management. The role is an individual contributor who will work closely with technology squads to flawlessly deliver technology projects to the business customers. The candidate will be required to perform risk assessments which include application security testing focusing on Cloud migration workloads. The position resides in the Information Security Function and reports to Cyber Security Assurance Manager.
Role’s objectives are:
- Accelerate Cloud application security risk assessments.
- Execute assessments timely and accurately.
- Facilitate application security testing ensuring only compliance workloads move to the Cloud.
What we are looking for:
- Execute assessments in the Cloud and against third party SaaS solutions.
- Perform risk management based on NIST 800-53.
- Determine vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
- Thrive in the DevSecOps culture.
- Manage projects, strong decision making and execution abilities.
- Manage and resolve security findings in a timely manner and in the Agile management practice.
- Application security testing skills supporting Ci/CD pipeline.
- Possession of or the ability to obtain and maintain National Security Clearance, which includes U.S. Citizenship.
Salary Range: $150000 - $210000 / year
We believe in transparency at the NY Fed. This salary range reflects a variety of skills and experiences candidates may bring to the job. We pay individuals along this range based on their unique backgrounds. Whether you’re stretching into the job or are a more seasoned candidate, we aim to pay competitively for your contributions.
Our Touchstone Behaviors—Communicate Authentically, Collaborate Inclusively, Drive Progress, Develop Others, and Take Ownership—help shape the culture of the Bank. They also provide a shared language for how we work together and achieve success, and they set clear expectations for leading with impact at every stage of your career with us. Learn more.
Our organization offers benefits that are the best fit for you at every stage of your career:
- Fully paid Pension plan and 401k with Generous Match
- Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
- Subsidized Public Transportation Program
- Tuition Assistance Program
- Onsite Fitness & Wellness Center
- And more
The New York Fed expects its employees to perform their duties with honesty, integrity, and impartiality, and without improper preferential treatment of any person. Learn more about our code of conduct and conflicts of interest rules.
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.
This position requires possession of or the ability to obtain and maintain national security clearance, which requires U.S. citizenship.
Full Time / Part TimeFull time
Regular / TemporaryRegular
Job Exempt (Yes / No)Yes
Job CategoryInformation Technology
Work ShiftFirst (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.