Info Security Specialist
$72,000 - $134,600/Yr
Federal Reserve Bank - Kansas City, MO
posted 3 months ago
Part-time,Full-time - Mid Level
Onsite - Kansas City, MO
Monetary Authorities-Central Bank
About the position
The Federal Reserve Bank of Kansas City is seeking an Information Security Specialist to enhance the security posture of the organization through risk monitoring, analysis, and assurance activities. This role involves aligning organizational practices with security industry best practices and providing consulting expertise to IT and business customers. The specialist will engage in both project work and operational services, focusing on the development and maintenance of security policies, risk assessments, and compliance reporting.
Responsibilities
- Develop and maintain the information security posture to protect the Bank's information assets.
- Analyze, document, and communicate risks using the Security Assurance for the Federal Reserve (SAFR) risk management process.
- Plan, develop, and deliver initiatives that promote sound cyber security practices, including training.
- Evaluate programs for effectiveness and improvement.
- Analyze assessment results and compliance activities, reporting on findings and providing remediation recommendations.
- Determine asset risk levels and coordinate the development of security plans and packages.
- Report on compliance and policy exceptions, maintaining non-compliance risk acceptance reviews.
- Provide input to the NIST Risk Management Framework (RMF) process and related documentation.
- Participate in supplier assessments to identify gaps in required controls.
- Assist with information risk management services, including risk assessments for IT automation products and projects.
- Enforce information security policies by creating security reports and investigating exceptions.
- Define and maintain information security non-compliance review processes and provide recommendations.
- Assist in audits and risk assessments for the department and end user departments.
- Provide guidance and training to less experienced staff.
- Assist with security communications, education, and outreach programs.
Requirements
- Typically requires at least 3 years of relevant IT experience.
- High school education or GED; Associate's degree in an IT field preferred.
- Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security preferred.
- Experience leading or assisting with cyber security risk assessments or initiatives.
- Experience with risk-based control assessment methodologies.
- Experience developing assessment reports that communicate results and risks effectively.
- Familiarity with FISMA, FedRAMP, and NIST 800 publications.
- Demonstrated ability to lead multiple projects in a dynamic environment.
- Excellent interpersonal, communication, organizational, and analytical skills.
Nice-to-haves
- Experience with Artificial Intelligence and FAIR risk assessment methodologies.
Benefits
- Competitive salary range of $72,000 to $134,600 based on qualifications and location.
- Hybrid work environment with flexibility in location.
- Comprehensive health and wellness programs.
- Diversity and inclusion initiatives.
