Information Security Specialist
Company
Federal Reserve Bank of Boston
This position is primarily responsible for implementing Boston's Vulnerability Management process from detection to remediation. A successful candidate will be able to generate reports and recommend or implement changes to remediate vulnerabilities across multiple lines of business. Responsibilities include Pen-Testing, configuring reoccurring vulnerability scanning against workstations as well as web applications, developing reporting based on these scan results to be compliant with the latest FRISS standards, and developing and implementing procedures to ensure the confidentiality, integrity, and availability of Federal Reserve information assets. Responsibilities will also include general Information Security Operations tasks where needed, so there will be opportunities to expand other Information Security related skillsets. The position provides leadership and direction to management in the evaluation and disposition of the Bank's information security activities. This position also provides District level consulting support and guidance on Federal Reserve System technology initiatives as they relate to local information security operations/mission, and is knowledgeable in the principal technologies of the Bank's mission.
Principal Accountabilities
Conducts penetration testing, vulnerability assessments, risk management assessments, and general security assessments of hardware, software, and information systems. Directs technical system reviews, risk management assessments, and security assessments for all Bank information systems. Recommends systems, technologies, and applications to improve the Bank's information security posture and efficiency. Interacts with Division management on security planning issues either directly or through their immediate supervisor. Develops and evaluates policies, standards, procedures, and training needs related to the Bank's computing environment. Performs incident response activities for security events and may participate in forensics and detailed technical investigations. Contributes to, and/or leads System level security work groups. Responsible for developing and conducting security-related training sessions and developing and communicating awareness programs. Ensures that user community understands and adheres to necessary procedures to maintain security. Accurately identifies and makes recommendations regarding the level of security required for information systems and provides technical expertise to assist in the mitigation of identified risks. Performs problem determination as needed and recommends changes to existing procedures or software configurations to reduce risk.
Other Accountabilities
Independently provides advanced security consultation in the preparation of requirements, design, and implementation for Bank information systems. Works directly with local business lines and key stakeholders to identify and articulate risk and provide recommendations to mitigate risk. Manages complex security projects including planning, scheduling and delivery. Continually advances technical knowledge in security-related technologies through self-education and formal training. Perform other duties as assigned. May be required to perform 24-hour on-call security incident response, but it's worth noting these instances are less than once a year on average.
Supervision
This position is not required to directly supervise others.
Knowledge and Experience
Knowledge and experience normally acquired through, or equivalent to, the completion of a Bachelor's degree and a minimum of 5 years of related experience. A CISSP is strongly desired.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Privacy Notice