Federal Reserve Bank of New York
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems.
This position will offer workplace flexibility, e.g., working remotely or on site as needed/desired during the week. Employees can expect to be in the office weekly as needed for meetings and team collaboration and should live within a commutable distance. The Bank believes in work flexibility to balance the demands of work and life while also connecting and collaborating with our colleagues in person a couple days a week.
What we do:
Information Security New York (ISNY) develops, executes, and maintains an information security program that promotes resiliency by identifying and mitigating cyber threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.
Your role as Information Security Specialist:
The Federal Reserve Bank of New York is seeking an experienced cybersecurity professional with a strong focus on Cloud-based vulnerability management, whether configuration-based (e.g., Cloud Infrastructure Entitlement Management (CIEM), Cloud Security Posture Management (CSPM)) or workload-centered. However, this role will also involve vulnerability management as applied to other environments (e.g., endpoints) and advancement of other foundational security controls (e.g., hardening, control design, integrated workflow, enhanced application of asset management). As an information security specialist, you will be essential to protecting the Bank's data and maintaining the Bank's security posture. The successful candidate for this role will serve as an ambassador of the Bank's cybersecurity program (and resiliency efforts).
Analyze processes for inefficiencies and perform ongoing continuous improvement.
Assess criticality of findings, create remediation plans with applicable teams, and produce comprehensive reports for various levels of stakeholders (i.e., management and technical stakeholders).
Prioritize vulnerabilities and develop plans to handle high severity vulnerabilities.
Execute information security processes, and/or operations to achieve required security outcomes.
Keep informed on emerging threats and vulnerabilities.
Analyze and contextualize vulnerability scan information for Cloud and other asset types / environments.
Analyze existing security controls for gaps and provide recommendations on improvement/remediation.
Identify, measure, monitor, and report on security risks within the information technology domain and assess the adequacy of technical and procedural controls that offer remediation or mitigation.
Devise and execute on KRI and KPI metrics that either keep management informed on the effectiveness of, or otherwise inform, process improvement efforts.
Lead cybersecurity projects to achieve the required objectives or deliverables.
Influence key stakeholders across the Bank and System regarding information security policies, practices, and procedures.
Provide decision-support expertise on information and cyber security topics, issues, and risks.
Research emerging technologies in support of IT security enhancement and development efforts.
Support the design, development, and deployment of proactive security initiatives around information security awareness and branding that contribute to an improved security posture for the organization.
What we are looking for:
Demonstrated experience in vulnerability management
Solid knowledge of foundational security controls (Example: CIS 20 security controls) and how they protect an enterprise environment.
Proven ability to clearly communicate information and cyber security to non-technical audiences (and senior leadership).
Demonstrated experience providing decision-support to information or cyber security leaders across one or more information or cybersecurity domains.
Demonstrated experience with the application of security concepts and methodologies such as vulnerability assessments, enterprise security strategies, network, and cloud security.
Knowledge of security frameworks such as CIS, NIST, ISO, PCI, and IT Controls.
Experience with vulnerability scanning tools (e.g., Tenable, Prisma, etc.)
Knowledge of CVEs, CVSS, attack vectors, and mitigations
Experience generating vulnerability management metrics (KRI/KPI) for management
Experience in risk assessment and contextualization
Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
Experience in working in the financial sector or a regulated environment
CCSP, AWS security certifications, or equivalent work experience
Strong knowledge of Excel
Scripting (Python, PowerShell) experience
Touchstone Behaviors set clear expectations for leading with impact at every stage of our careers and aspire to achieve in our continued growth and development.
Communicate Authentically: Empathetically engage one another with direct and transparent dialogue and listening. Actively discuss viewpoints with respect and compassion in a timely and candid manner, taking into account verbal and nonverbal cues. Ask questions, learn from each other, and share information widely to move the Bank's work forward.
Collaborate Inclusively: Inspire a diverse and inclusive environment that empowers others to contribute meaningfully. Intentionally bring a diverse set of people together to achieve positive business results.
Drive Progress: Grow and adapt to changing priorities in the Bank. Experiment with new concepts and take appropriate risk to drive innovation. Remain curious and action oriented, navigating through ambiguity and uncertainty to drive outcomes.
Develop Others: Equitably champion, mentor, and develop others to grow professionally. Demonstrate vulnerability and empathy to create a trusted environment.
Take Ownership: Establish an environment of action and excellence by holding self and others accountable to execute to the highest standard.
Benefits:
Our organization offers benefits that are the best fit for you at every stage of your career:
Fully paid Pension plan and 401k with Generous Match
Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
Subsidized Public Transportation Program
Tuition Assistance Program
Onsite Fitness & Wellness Center
And more
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
The successful candidate must be fully vaccinated against COVID-19, and receive a booster shot within 30 days of being eligible to do so, unless the Bank grants an exemption based on a medical condition or sincerely held religious belief.
Possession of or the ability to obtain and maintain national security clearance, which requires U.S. citizenship.
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.
Full time
Regular
Yes
Information Technology
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.