Responsible for establishing and executing strategic, comprehensive risk management strategies that align with delivering and enhancing value to our District and System customers and partners. Directs and oversees the Policy, Risk and Compliance and Third Party Risk Management, and Security Architecture & Assurance teams for the Sixth District. Manages and leads staff responsible for the operational, analytical and administrative activities of the Information Security Department. Oversees security projects and provides consulting to key District Officers, managers and key stakeholders and service partners related to information security matters. Develops, monitors, and manages the departmental budget. Represents the District on Federal Reserve System (FRS) Information Security workgroups, projects and related initiatives. Effectively collaborates with other System, Reserve Bank, National Lines of Business and Information Technology service providers as required to accomplish both District and System level objectives.

Key Responsibilities:

• Directs and develops the Information Security program for the District. Recommends or approves overall department performance goals based upon standards and procedures. Monitors operational problems related to security and assigns personnel to correct the problems. Develops and maintains standard security processes for the Information Security Department.

• Selects, develops and manages department staff and management to maximize operational effectiveness. Plans for department staffing needs. Counsels and coaches staff and management on performance expectations and progress and administers performance reviews. Recommends salary actions, promotions and other personnel actions, including disciplinary actions and terminations.

• Directs District projects related to information security and participates as a key stakeholder in System and cross-District projects and initiatives. Directs, studies and develops plans for the implementation and support of new security
technologies and enhancements. Monitors, tracks, and controls project activities and staff performance. Provides project plans and status updates to senior management. Participates in System projects and work groups with a focus on Information security technologies and best practices.

• Leads and manages the development of District Information Security policies and guidelines to protect the information assets of the Bank. Provides consultation to business areas with interpretations of information security policies and guidelines.

• Consults with District Officers and managers on information security matters. Works closely with Bank Officers and managers to assist in addressing information security audits, including corrective action. Provides security training to District employees and contractors, including guidance on performing risk assessments. Provides guidance to Corporate and Branch offices on security access and violations.

• Develops and manages the operating and capital budgets for the Information Security Department. Monitors actual expenditures and explains budget variances. Recommends actions or expenditures to meet operational requirements.

• Directs and coordinates the District's security awareness and training programs promote employee and customer compliance with Information Security policies and guidelines.

Education:

Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems or other related field

Experience:

* 8+ years of experience in a combination of information technology & security, and IT risk management

• 8+ years of management and leadership experience in managing and leading programs related to information security policy, standards, architecture and assurance

• Experience with multiple information security domains, such as infrastructure, vulnerability management, data loss prevention, end user security, network security, application security, cloud security (AWS/Azure), identity & access management, etc.

• Experience with security products from a variety of vendors (e.g., firewalls, intrusion detection systems, vulnerability scanners, multi-factor/strong authentication technologies, SIEM, CASB, logging, penetration testing software, etc.)
• Knowledge and understanding of relevant legal and regulatory requirements, such as, ISO/IEC 27001, and NIST 800-
53/37 security principles

Qualifications:

Knowledge Areas:

• Information Security Frameworks

• Risk Management & Reporting

• Leadership/Management

Technical Skills:

• SaaS/PaaS/IaaS Infrastructures

• Network Architecture & Protocols

Certifications/ Licenses (preferred): CISSP, CRISC, CISSP, GSEC, CISA, CAP, SSCP, CRISC

Our total rewards program offers benefits that are the best fit for you at every stage of your career:

• Comprehensive healthcare options (Medical, Dental, and Vision)

• 401K match, and a fully funded pension plan

• Paid vacation and holidays; flexible work environment

• Generously subsidized public transportation

• Annual tuition reimbursement

• Professional development programs, training and conferences

• And more…

This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change (e.g. emergencies, rush jobs, change in workload or technological developments).

The Federal Reserve Bank of Atlanta is an equal opportunity employer.