This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Info Security Specialist
Federal Reserve Bank - Oklahoma City, OK
posted 3 months ago
About the position
The Information Security Specialist at the Federal Reserve Bank of Kansas City is responsible for providing security risk monitoring, analysis, and assurance activities. This role involves aligning organizational practices with security industry best practices and facilitating an understanding of the Federal Reserve System's information security policies. The specialist will engage in both project work and operational services, offering consulting and subject matter expertise to internal IT and business customers.
Responsibilities
- Develops and maintains the information security posture to protect the Bank's information assets.
- Analyzes, documents, and communicates risks using the Security Assurance for the Federal Reserve (SAFR) risk management process.
- Plans, develops, and delivers initiatives that promote sound cyber security practices, including training.
- Analyzes assessment results and compliance activities, reporting on findings and providing remediation recommendations.
- Determines asset risk levels and coordinates the development of security plans and packages.
- Reports on compliance and policy exceptions, maintaining non-compliance risk acceptance reviews.
- Provides input to the NIST Risk Management Framework (RMF) process and related documentation.
- Participates in supplier assessments by evaluating responses against required controls.
- Assists with information risk management services, including risk assessments for IT automation products.
- Enforces information security policies and procedures by creating security reports and investigating exceptions.
- Defines and maintains information security non-compliance review processes.
- Assists in audits and risk assessments for the department and end user departments.
- Provides guidance and training to less experienced staff.
- Helps plan and deliver initiatives that promote sound information security practices.
Requirements
- Typically requires at least 3 years of relevant IT experience.
- High school education or GED; an Associate's degree in an IT field is preferred.
- Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security are preferred.
- Experience leading or assisting with cyber security risk assessments or initiatives.
- Experience with risk-based control assessment methodologies.
- Experience developing assessment reports that communicate results and risks effectively.
- Familiarity with FISMA, FedRAMP, and NIST 800 publications.
- Demonstrated ability to lead multiple projects in a dynamic environment.
- Excellent interpersonal, communication, organizational, and analytical skills.
Nice-to-haves
- Experience with Artificial Intelligence and FAIR risk assessment methodologies.
Benefits
- Hybrid work environment (KC, Omaha, OKC, Denver)
- Competitive pay range of $72,000 to $134,600
- Diversity and inclusion initiatives
- Comprehensive benefits package
