Sr. IT Security Analyst – Information Security at Federal Reserve Bank (FRB) in San Francisco, California

Job Description:

Company

Federal Reserve Bank of San Francisco

The Federal Reserve Bank of San Francisco is looking for a Senior IT Security Analyst to join our Information Security team. The Federal Reserve has a global mission and offers pioneering work in a stable environment with competitive pay, superior benefits AND a true “work life balance”. If you desire to be part of a world-class team and to develop your skills and experience beyond anything available in the commercial sector, the Federal Reserve is the place for you!

The mission of the SF Fed, one of twelve Districts within the Federal Reserve System (FRS), is to promote low inflation, full employment, and financial stability, and provide services to financial institutions. As the largest District by geography and size of economy, the importance of our success cannot be understated.

What we are looking for:

Our ideal candidate has a strong security approach, a background in Information Security Risk Management, and is confident providing cyber security advice to leaders all the way to the executive level. You should have the ability to partner with business partners to find solutions, be comfortable presenting to groups of varying sizes, have strong customer service and relationship building skills, and be able to build trust and influence with technical and non-technical partners. Overall, the ability to proactively drive solutions, effectively collaborate across many disciplines and businesses, and a strong commitment to supporting the mission of the Federal Reserve are a must.

What you will do:

In this role, you will perform at an advisory level and demonstrate your experience in Information Security Risk Management and Information Security to develop positive working relationships and collaborate with various District organizations to advise on all efforts related to “Security Assurance for the Federal Reserve” (internally known as “SAFR”) for internal technologies and external service providers.

You will work with the other members of the Risk Management and Assessment Function of the Information Security team to perform risk assessments, communicate and document information security risk, evaluate security controls, and assess the quality of security control documentation. You will work with business partners to collect relevant information for both on-premises systems and third-party systems. You will provide risk guidance to ensure that senior leadership understands the key risks in the systems they own and how accepted risk compares with the risk appetite of the organization.

Essential responsibilities:

The ideal candidate for this role will have the ability to blend and apply their technical, organizational, business, and cyber security abilities, to:

• Support 12th District risk strategies, identify risks in Bank processes and technologies, and lead improvement initiatives to minimize risk


• Serve as a domain expert on security policy in the 12th District and influence policy development at the Federal Reserve System level


• Support and ensure compliance with Bank and FRS security controls, policies, and procedures


• Establish and foster long-term relationships with partners and contacts in assigned business areas


• Drive education of process/control owners, so they better understand the controls framework and their operational responsibilities


• Understand technical implementation details necessary to assess security risk and recommend security control improvements or identify mitigating controls


• Perform complex analysis of security issues and advise business partners on solutions


• Partner with developers and business areas to understand their technical and business requirements and help enable them to do their work securely


• Evaluate external service providers to identify and communicate associated risks and identify shared security responsibility between the vendor and the Federal Reserve


• Prepare assessment reports to document assessment scope, procedures, findings, and recommendations; interpret the significance of assessment findings, conclude on findings, and make practical recommendations for remediation


• Communicate security risk and implications to partners at all levels, including executives


• Collaborate and influence work multi-functionally; navigate ambiguity while leading multiple projects simultaneously in a fast-paced, results-driven environment, accepting accountability of the process and delivering on commitments

Requirements:

• Bachelor’s degree in Computer Science/Information Technology/Cybersecurity, or related disciplines and/or equivalent work experience


• Typically requires five or more years of experience in cybersecurity including security advising, security assessment, security architecture, and/or security engineering


• Familiarity with NIST 800 special publications, FedRAMP, and other risk frameworks


• Able to explain complex IT and data related issues to non-expert, non-IT staff and management in a manner that allows clear comprehension of the risk implications


• Ability and willingness to work responsibly without direct supervision in a hybrid environment


• Excellent customer service, collaboration, interpersonal, and influencing skills


• Superb communication skills (written and verbal), critical thinking, analytical, and problem-solving skills


• Track record of taking initiative to address problems and make process improvements


• Self-starter with the ability to prioritize work and balance multiple projects and tasks simultaneously


• Exceptional consultative skills and a demonstrable ability to work effectively with business partners, internal management and staff, and vendors and consultants


• U.S. Citizenship is required for this role

Helpful but not required skills:

• Understanding of Cloud (AWS and/or Azure) architecture and services and implications to security


• Meaningful industry certifications such as CISSP, CRISC, and/or CCSP. Cloud vendor specific certifications such as AWS Security Specialty and/or Azure Security Engineer Associate.


• Experience with security control testing, DevSecOps, and threat modeling.

This is a hybrid role which requires some in office time with a heavy “work from home” option. If you do not live within the local, commutable distance to one of our locations and you are interested in relocation, please include a cover letter with your application letting us know.  We are able to provide relocation assistance.

All employees must be fully vaccinated against COVID-19 or qualify for an accommodation from the Bank’s vaccination policy; the Bank will provide accommodations as required by law for individuals unable to be vaccinated due to medical condition or sincerely held religious belief.

At the Federal Reserve Bank of San Francisco, we offer a wonderful benefits package including: Medical, Dental, Vision, Pretax Flexible Spending Account, Paid Family Leave Care, Backup Child Care Program, Pretax Day Care Flexible Spending Account, Vacation Days, Sick Days, Paid Holiday’s, Pet Insurance, Matching 401(k), and an unheard of Retirement / Pension.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

At the SF Fed, we believe in the diversity of our people, ideas, and experiences and are committed to building an inclusive culture that is representative of the communities we serve. The SF Fed is an Equal Opportunity Employer.

LI-Hybrid

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Information Technology

Work Shift

First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice

Salary:

$145,000.00

Apply Now