This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Info Security Specialist
Federal Reserve Bank - Omaha, NE
posted 3 months ago
About the position
The Information Security Specialist at the Federal Reserve Bank of Kansas City is responsible for providing security risk monitoring, analysis, and assurance activities. This role involves aligning organizational practices with security industry best practices and facilitating an understanding of the Federal Reserve System's information security policies. The specialist will engage in both project work and operational services, offering consulting and subject matter expertise to internal IT and business customers.
Responsibilities
- Develops and maintains the information security posture to protect the Bank's information assets.
- Analyzes, documents, and communicates risks using the Security Assurance for the Federal Reserve (SAFR) risk management process.
- Plans, develops, and delivers initiatives that promote sound cyber security practices, including training.
- Analyzes assessment results and compliance activities, reporting on findings and providing remediation recommendations.
- Determines asset risk levels and coordinates the development of security plans and packages.
- Reports on compliance and policy exceptions, maintaining non-compliance risk acceptance reviews.
- Provides input to the NIST Risk Management Framework (RMF) process and related documentation.
- Participates in supplier assessments to evaluate responses against required controls.
- Assists with information risk management services, including risk assessments for IT automation products.
- Enforces information security policies and procedures by creating security reports and investigating exceptions.
- Defines and maintains information security non-compliance review processes.
- Assists in audits and risk assessments for the department and end user departments.
- Provides guidance and training to less experienced staff.
- Helps plan and deliver initiatives that promote sound information security practices.
Requirements
- Typically requires at least 3 years of relevant IT experience.
- High school education or GED; Associate's degree in an IT field preferred.
- Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security preferred.
- Experience leading or assisting with cyber security risk assessments or initiatives.
- Experience with risk-based control assessment methodologies.
- Experience developing assessment reports that communicate results and risks effectively.
- Familiarity with FISMA, FedRAMP, and NIST 800 publications.
- Demonstrated ability to lead multiple projects in a dynamic environment.
- Excellent interpersonal, communication, organizational, and analytical skills.
- Excellent consultative skills and ability to work effectively with various stakeholders.
Nice-to-haves
- Experience with Artificial Intelligence or FAIR risk assessment methodologies.
Benefits
- Competitive salary range of $72,000 to $134,600 based on qualifications and location.
- Hybrid work environment options available.
- Diversity and inclusion initiatives within the workplace.
