The Federal Reserve Bank of San Francisco is looking for a Sr./Lead IT Security Analyst to join our Information Security Team. The Federal Reserve has a global mission and offers leading edge work in a stable environment with competitive pay, superior benefits AND a true "work life balance". If you desire to be part of a world-class team and to develop your skills and experience beyond anything available in the commercial sector, the Federal Reserve is the place for you.
In this role, you will perform at an advisory level, and leverage your experience in Cyber Risk management, and Information Security compliance, to collaborate with our team of five professionals. You will advise on all efforts related to "Security Assurance for the Federal Reserve" (internally known as "SAFR") assessments, for all internal technologies, and external service providers.
Provide advice and support to the Federal Reserve System (FRS) and 12L District risk strategies, identify risks in the Bank's processes and technologies, and lead improvement initiatives to minimize risk. The ideal candidate for this role will have the ability to blend and utilize their technical, organizational, business, and cyber security skill-sets.
Understand technical implementation details necessary to assess and recommend NIST and other control improvements or identify mitigating controls.
Support and ensure compliance with Bank and FRS security controls, policies and procedures.
Drive education of process/control owners so they better understand the controls framework and their operational responsibilities.
Partner with stakeholders to make sure there are successful security programs that align with compliance requirements.
At lead level, actively lead or participate in workgroups and meetings within the department, Bank, FRS, and external business partners.
Bachelor degree in Information Technology/Computer Science/MIS, or related disciplines and/or equivalent work experience.
U.S. Citizenship is required for this role.
5+ years of work experience within related information technology field, which include 3 years of experience in the security aspects of multiple platforms, operating systems, communications, and network protocols.
Proven knowledge and experience of security controls across all NIST domains.
Excellent interpersonal, communication, organizational, and analytical skills.
Excellent consultative skills, and the demonstrable ability to work effectively with business partners, internal management and staff, vendors and consultants.
Demonstrable ability to communicate technical issues to technical and non-technical business partners.
Strong critical thinking, analytic and problem-solving skills required.
Certification in SAFR is required within 3 months of hire.
Experience with NIST, FedRAMP or other government frameworks.
Familiar with NIST 800 special publications, ISO 27000, Cloud Security Alliance (CSA), and FedRAMP.
Meaningful industry certifications such as CISA, CISM, CCSK, and/or CCSP.
Knowledge of the roles and responsibilities of the Federal Reserve's IT organizations, National Information Technology Operations (NITOs), and other FRS support organizations.
Demonstrated understanding of compliance, audit process and ability to adhere/manage various risk controls.
Demonstrable ability to influence and build relationships with various technical teams, business owners and management at all levels of the organization to successfully deliver on changing business need.
Solid skills in programs including, but not limited to, the MS Office Suite, MS Visio, MS Project and MS SharePoint.
At the Federal Reserve Bank of San Francisco we believe in the diversity of our people, ideas, and experiences and are committed to building an inclusive culture that is representative of the communities we serve. The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer.