Our Unique Work:
Information Security New York (ISNY) is responsible for developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.
Within Information Security, the Cyber Security Assurance Department (CSA) is responsible for assessing risks associated with 3rd party vendors systems, software, IoT devices, ICS, technology processes, or outsourcing arrangements handling, processing, or storing Federal Reserve data. The team works directly with the business, providing guidance and managing risks. The department is also responsible for the integration of security practices into DevSecOps methodology, performing application security testing and working directly on security tooling integration as part of the CI/CD pipeline. The engagement and guidance to the product development teams are implemented through CSA analysts being embedded in the development squads to provide security advice during development and by managing the Security Champion Program in the Bank ensuring each product team has developers trained in security matters.
How You’ll Make an Impact as a Cyber Security Assurance Analyst
You will work in a dynamic team environment and play an important role in helping the Federal Reserve carry out its responsibilities. The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk management. The role is an individual contributor who will work closely with technology squads to flawlessly deliver technological projects to the business customers. The candidate will be required to perform risk assessments which include application security testing focusing on Cloud migration workloads with specific focus on the mission critical systems supporting Markets operations. The position resides in the Information Security Function and reports to Cyber Security Assurance Manager.
Role’s objectives are:
Perform Cloud application security risk assessments.
Execute assessments timely and accurately.
Manage relationship with the business unit assigned.
Embed within the development squad to provide timely security advice.
Preform application security testing ensuring only compliant workloads move to the Cloud.
Support development squads in implementing security tooling in the CI/CD pipeline.
The Unique Skill Sets We’re Looking For:
Experience in executing assessments in the Cloud and against third party SaaS solutions.
Expert knowledge of performing risk management based on NIST 800-53.
Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
Experience in thriving in the DevSecOps culture and working closely with developers on delivering business value in agile quick release environment.
Demonstrated leadership experience, managing projects, strong decision making and execution abilities.
Strong experience managing and timely resolving security findings in the Agile management practice.
Expert level application security testing skills supporting CI/CD pipeline.
Experience evaluating 3rd party vendors supporting Banks processes with focus on date protection.
Proven ability evaluating and securing Gen AI systems with internal and embedded models.
Possession of or the ability to obtain and maintain National Security Clearance, which includes U.S. Citizenship when required
Other Things to Know:
Salary Range: $170,000k-$230,000k
We believe in transparency at the New York Fed. This salary range reflects a variety of skills and experiences candidates may bring to the job. We pay individuals along this range based on their unique backgrounds. Whether you’re stretching into the job or are a more seasoned candidate, we aim to pay competitively for your contributions.
This position requires possession of or the ability to obtain and maintain national security clearance, which requires U.S. citizenship. Candidates must undergo an enhanced background check and will be tested for all controlled substances prohibited by federal law, to include marijuana.
How we’ll Support You:
Our programs and benefits are designed to support you through all your life stages:
Learning & Growing: Educational assistance, career development tools, and stretch opportunities
Supporting Your Family: Parental leave, adoption assistance, back-up dependent and elder care, college planning resources, and more
Managing Your Health: Comprehensive insurance plans, leave policies, onsite Health & Wellness Center, and onsite Fitness Center
Optimizing Your Finances: Pension plan, 401(k) with generous match, financial planning resources, and subsidized public transportation program
Our culture is deeply grounded in our Touchstone Behaviors. By working with us, you’ll have the opportunity to develop and demonstrate your ability to Communicate Authentically, Collaborate Inclusively, Drive Progress, Develop Others, and Take Ownership. These competencies shape our culture here at the Bank. They also provide a shared language for how we work together and achieve success and set clear expectations for leading with impact at every stage of your career. Learn more.
Apply now if you’re ready to join us in strengthening the U.S. economy together. Want to consider our other opportunities? Click here to see all our open roles.
The New York Fed expects its employees to perform their duties with honesty, integrity, and impartiality, and without improper preferential treatment of any person. Learn more about our code of conduct and conflicts of interest rules.
We value accessibility for all candidates and are happy to provide an accommodation or assistance. Please email us at ny.leaves@ny.frb.org and we’ll be glad to help. Please note, this is a dedicated e-mail box designed exclusively to assist applications with accommodation requests in relation to our recruiting process. All other inquires including the status of applications will not receive a response from this e-mail box.
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.
The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.