F

Federal Reserve Bank of Kansas City

Information Security Specialist

Kansas City, MO (On-site)

Federal Reserve Bank of Kansas City
 
 The Federal Reserve Bank of Kansas City is one of 12 regional Reserve Banks that, along with the Board of Governors in Washington, D.C., make up our nation's central bank. Our work promotes a safe, sound, and stable financial system which fosters an economy that works for everyone, so people can find jobs and prices remain stable.
 
 Together, we serve in an innovative environment that values our employees and applies the highest ethical standards. Our culture is deeply rooted in our service to our nation and our organizational values of integrity, service, innovation, inclusion, growth, and development. As an employee with us, you’ll find support to grow amongst a diverse team, while feeling united by our clear and common purpose.
 
 About FRFS
 
The Federal Reserve Financial Services (FRFS) enterprise delivers a suite of payments services to financial institutions via FedLine¬ģ Solutions, Fedwire¬ģ, National Settlement Service (NSS), FedCash¬ģ1, FedACH¬ģ (Automated Clearing House), and Check Services.
 
 We are engaged in a strategic effort to transform FRFS to a national, enterprise-focused organization. Over time, FRFS will offer an increasingly integrated set of Federal Reserve payment services, incorporating the FedNowSM Service upon its market entry in 2023.
 
 Through our evolved structure, we will meet the needs of the marketplace for new products and services more quickly and provide a more robust and unified customer experience across our financial service offerings.
 
 About The Role
 
The FRFS Technology Group is filling multiple Information Security Specialist positions. In this position you will be focused on providing information and cyber security assurance within the FRFS enterprise. This will include executing security risk assessments, supporting information security risk management, conducting 3rd party risk assessment, and strengthening software security practices for both cloud and on-premises solutions. Your participation will include providing inputs on cyber assurance strategic and tactical direction.
 
 The primary desired work location for this position is Kansas City, but remote worker candidates and candidates that live near one of our Reserve Bank offices will be considered. Candidate that do office from one of our Reserve Bank locations will have so work from flexibility. Rules for hybrid work arrangements differs from Bank to Bank and should be discussed during the interview process.
 
 This position will require you to travel as much as 30% of the time.
 
 Key Activities: 

  • Execute and maintain NIST based cyber risk assessments and management practices on FRFS information technology cloud and on-premises portfolio.
  • Identify, measure, monitor, report on security risks within the information technology domain, and assess the adequacy of controls including information security, cybersecurity, and mitigation practices for technical vulnerabilities.
  • Execute and maintain software security practices including security policies for tooling (SAST, DAST, OSS, IAST) to increase effectiveness and reduce false positives; promote and build procedures for the security champions in the Agile squads; and bring IS policy and standard expertise into the Agile squads.
  • Experienced in reviewing results from technical testing tools to identify vulnerabilities and contextualize business impact of cyber risks respectively.
  • Contribute to the vision, strategy, values, and priorities that help the FRFS enterprise achieve its mission, as a member of the FRFS Technology Team.
  • Develop close relationships with key stakeholders and external partners to ensure contemporary thinking, including the FRFS Technology Leadership Team, FRFS Leadership Team, and National IT stakeholders, with particular emphasis on collaboration with the Office of the Chief Information Security Officer to ensure complementary actions and avoid duplicative services.
     

What We Look For
 

  • Demonstrated working knowledge of enterprise cyber risk assessment and management and software security practices or equivalent experiences.
  • Understanding and working experience with risk management and control frameworks (NIST 800-53) and industry best practices. Understanding of vulnerability risk impact on key outcomes and critical processes.
  • Experienced in risk management programs and initiatives to inform critical business strategies and processes. Knowledge of and experience implementing industry standards, frameworks, and best practices in cyber risk management programs, practices, and processes inclusive of risk identification, analysis, response, communication, monitoring and escalation.
  • Experienced in conducting IS or Cyber Risk assessments with Cloud and/or on-premises products in an agile development environment. Works independently with little oversight, serves as a thought leader for solving complex business problems with innovative solutions. As well provide coaching to staff on specific projects and lead large complex security efforts as needed.
  • Demonstrated ability to collaborate with peers in developing security and technical testing practices in alignment with business needs and FR System standards, translate the practices into actionable plans, and deliver results.
  • Demonstrated ability to work cross-System with both embedded and matrixed resources in pursuit of a common objective.
  • Excellent change management skills, including advocating, anticipating, and orchestrating change.
  • Experience serving as a champion of building a diverse and inclusive work environment.
  • Intellectually curious and agile, with demonstrated ability to experiment and lead innovation.
     

Qualifications:

  • Bachelor‚Äôs degree required in business, technology, information security or related fields or equivalent work experience.
  • A minimum of 10+ years of progressive experience in technology, and information security
  • Current or prior experience in the FRFS is beneficial.
  • Federal Reserve System SAFR certification preferred, or commensurate certification and experience in information security assurance.
  • Must be fully vaccinated against COVID-19, unless the Bank grants an accommodation based on a medical condition or sincerely held religious belief.
     
    This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.

 
 Our Total Rewards programs offers benefits that go beyond the basics:

  • ¬†Market-leading Medical, Dental, and Vision Insurance
  • ¬†Tuition Reimbursement
  • ¬†401k/Thrift Plan
  • ¬†Pension Plan
  • ¬†Vacation & Personal Time
  • ¬†Paid Holidays
  • ¬†Additional benefits are unique to each Federal Reserve Bank District.
     
    Follow us on LinkedIn, Instagram, Twitter, and our YouTube channel - Kansas City Fed.

Get new jobs update?

© 2022 P2PSEC. All rights reserved.