This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Info Security Specialist
Federal Reserve Bank - Denver, CO
posted 3 months ago
About the position
The Federal Reserve Bank of Kansas City is seeking an Information Security Specialist to enhance the security posture of the organization through risk monitoring, analysis, and assurance activities. This role involves aligning organizational practices with security industry best practices and providing consulting expertise to internal IT and business customers. The specialist will engage in both project work and operational services, focusing on the development and delivery of cybersecurity initiatives and training.
Responsibilities
- Develops and maintains the information security posture to protect the Bank's information assets.
- Analyzes, documents, and communicates risks using the SAFR risk management process.
- Plans, develops, and delivers initiatives that promote sound cyber security practices, including training.
- Analyzes assessment results and compliance activities, reporting findings and providing remediation recommendations.
- Determines asset risk levels and coordinates the development of security plans and packages.
- Reports on compliance and policy exceptions, maintaining non-compliance risk acceptance reviews.
- Provides input to the NIST Risk Management Framework process activities and related documentation.
- Participates in supplier assessments to evaluate responses against required controls.
- Assists with information risk management services, including risk assessments for IT products and projects.
- Enforces information security policies and procedures by creating security reports and investigating exceptions.
- Defines and maintains information security non-compliance review processes and provides recommendations.
- Assists in audits and risk assessments for the department and end user departments.
- Provides guidance and training to less experienced staff.
- Assists with security communications and outreach programs, promoting sound information security practices.
Requirements
- Typically requires at least 3 years of relevant IT experience.
- High school education or GED; Associate's degree in information technology preferred.
- Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security preferred.
- Experience leading or assisting with cyber security risk assessments or initiatives.
- Experience with risk-based control assessment methodologies.
- Experience developing assessment reports that communicate results and risks effectively.
- Familiarity with FISMA, FedRAMP, and NIST 800 publications.
- Demonstrated ability to lead multiple projects in a dynamic environment.
- Excellent interpersonal, communication, organizational, and analytical skills.
Nice-to-haves
- Experience with Artificial Intelligence and FAIR risk assessment methodologies.
Benefits
- Competitive salary range of $72,000 to $134,600 based on qualifications and location.
- Diversity and inclusion initiatives within the workplace.
