Information Security Analyst
Federal Reserve System
Company
Federal Reserve Bank of Richmond
When you join the Federal Reserve—the nation’s central bank—you’ll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we’re building a dynamic and diverse team for our future.
Bring your passion and expertise, and we’ll provide the opportunities that will challenge you and propel your growth—along with a wide range of benefits and perks that support your health, wealth, and life. In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, pension, and more. All brought together in a flexible work environment where you can truly find balance.
About the Opportunity
The Richmond Information Security (IS) Risk Management team has an immediate opening for an IS Analyst, reporting to the IS Senior Manager.
The IS Analyst is responsible for developing, maintaining and coordinating Fifth District information security activities related to Governance, Risk and Compliance (GRC) in support of the Bank’s information security and data privacy programs. This position provides risk management and consulting services to all levels of the organization in support of National and Fifth District Lines of Business.
What You Will Do:
- Supports the Security Assurance for the Federal Reserve (SAFR) program based on the NIST Risk Management Framework.
- Serves as an information security consultant to business areas by guiding them through the SAFR lifecycle, interpreting information security and data privacy policies and standards, advising on new security initiatives, and helping them manage information security risk to their business, the Bank and the Federal Reserve.
- Participates in and coordinates execution of assurance activities such as Security Control Assessments (SCA), Continuous Monitoring Control Assessments (CMCA), and COSO by testing management and operational controls and reporting results to management. Documents and tracks issues and/or deficiencies.
- Conducts security impact assessments on new software, data, technology components, and use cases.
- Conducts information security assessments of suppliers including third party vendors and cloud services. Advises on mitigating identified risks and changes requested by third parties to security and privacy provisions of our contracts.
- Analyzes, designs, and implements business processes and requirements to ensure appropriate risk management and alignment with information security policies, standards, and procedures.
Qualifications:
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, Business Administration or other related field, or equivalent combination of work experience and education.
- Industry recognized certifications within the domain of information security, privacy and information technology (e.g., CISSP, CRISC, CCSP, CISA, GIAC, etc.) considered a plus and recognized as an indication of work experience.
IS Analyst Intermediate:
3 to 5+ years of cybersecurity/IT or business/industry work experience encompassing information security, risk management, assurance, compliance, and IT auditing.
IS Analyst Senior:
5 to 9+ years of cybersecurity/IT or business/industry work experience encompassing information security, risk management, privacy, assurance, compliance, and IT auditing.
IS Analyst Advanced:
9 or more years of cybersecurity/IT or business/industry work experience encompassing information security, risk management, privacy, assurance, compliance, and IT auditing.
Knowledge/Skills:
- Broad knowledge of information security, risk management and data privacy fundamentals, policies and procedures.
- Excellent oral and written communication skills, as well as the ability to convey technical and security related issues to business audiences at all levels of the organization.
- Advanced critical thinking, problem solving, and implementation skills to facilitate resolution of information security and privacy issues including maintenance of an effective control environment.
- Detail oriented and self-motivated with strong organizational and prioritization skills to handle multiple priorities.
- Ability to work independently and collaboratively with a team as well as diverse workgroups.
- Familiarity with on prem and cloud architecture, Agile methodology, and DevSecOps concepts including threat modeling (preferred).
Discover the Reason Why So Many People Love It Here!
When you join the Richmond Fed, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:
- Great medical benefits
- Pension and 401(k) with employer match
- Paid time off
- Tuition reimbursement
- Employee resource networks
- Paid volunteer leave
- Flexible work options
- Onsite amenities that make working here fun!
Other Requirements and Considerations:
- Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions.
- If you need assistance or an accommodation due to a disability, please notify [email protected].
- Employees who work at and/or visit another Federal Reserve entity or outside business as part of their job duties are required to comply with any onsite safety and health protocols of those organizations (including, but not limited to, requirements to vaccinate or test, mask, social distance, etc.).
- Sponsorship is not available for this role. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility for this specific position requires U.S. Citizenship.
- The hiring range for the IS Analyst Intermediate is $83,100 – $114,290 annually.
- The hiring range for the IS Analyst Sr. is $103,400 – $142,230 annually.
- The hiring range for the IS Analyst Adv. is $118,200 – $162,580 annually.
- Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications.
- The Fifth District provides a hybrid work environment. This position is required to be onsite on Tuesday, Wednesday, and Thursday each week.
- Selected candidate will be required to obtain the Security Assurance for the Federal Reserve (SAFR) certification within two months of hire.
- Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by October 4, 2024.
- Always verify and apply to jobs on Federal Reserve System Careers or through verified Federal Reserve Bank social media channels.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Information Technology
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.
Apply now
To help us track our recruitment effort, please indicate in your cover/motivation letter where (jobs-near-me.eu) you saw this job posting.