Federal Reserve System

Cyber Defense Specialist

Pay$142000.00 - $169500.00 / year
LocationNew York/New York
Employment typeFull-Time

This job is now closed

Apply to similar jobs

  • Job Description

      Req#: R-0000019791

      Company

      Federal Reserve Bank of New York

      Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems.

      The Bank believes in work flexibility to balance the demands of work and life while also connecting and collaborating with our colleagues in person. Employees can expect to be in the office a couple of days per week as needed for meetings and team collaboration and should live within a commutable distance.

      What we do:

      Information Security New York (ISNY) is responsible for developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.


      Your Role as a Cyber Defense Specialist:

      ISNY is seeking an experienced and passionate cybersecurity professional who will drive our existing endpoint vulnerability management (VM) program. Endpoints are the most common vector of exploitation, so it is critical that these are always secure. The successful candidate will have the opportunity not only to improve the posture of the Federal Reserve Bank of New York, but also to build, nurture, and strengthen our partnerships within the Federal Reserve System. You will do the following:

      • Manage vulnerability risk for the largest district in the Central Bank of the United States
      • Analyze software vulnerabilities identified on FRBNY endpoints (and other device types)
      • Analyze existing security control endpoints to strengthen the controls that could make vulnerability exploitation more likely – such as email-based controls, Data Loss Protection, software currency, technical debt, etc.
      • Platform configuration hardening
      • Develop, improve, and communicate a compelling strategy and roadmap for endpoint vulnerability management.
      • Build relationships with remediation teams, technical support, and business areas.
      • Proactively identify business projects that could impact our endpoint vulnerability processes, tooling, or cyber risk posture writ large
      • Identify and eliminate root causes of vulnerabilities or impediments to their remediation in our environment.
      • Measuring, reporting, and presenting on our team’s performance against objectives, policy compliance targets, and programmatic goals (e.g., SLAs, KPIs, KRIs, OKRs)

      What we are looking for:

      Required Skills:

      • A risk-based mindset from an individual who is inquisitive, data-driven, and not afraid to challenge the status quo.
      • A highly driven self-starter who is comfortable communicating cyber concepts and risk management to all levels of personnel
      • Extensive experience in information system vulnerability management (with an emphasis on endpoint devices, but also including experience w/ server, virtual, and cloud-native information systems)
      • Extensive experience in reviewing, analyzing, and creating cybersecurity documentation, including security policies, remediation plans, plan of action and milestones (POAMs) and procedures.
      • Extensive experience in the development and delivery of security metrics (e.g., KRIs, KPIs) and associated vulnerability reporting (including visualizations and PowerPoint) KRIs and KPIs
      • Proven ability to collaborate with other IT professionals, including network engineers, desktop support, application owners, and system administrators, to integrate security controls and considerations into existing systems and processes.
      • Proven ability to communicate effectively across all levels of the organization, including the delivery and explanation of complex security-related concepts in clear, concise, and understandable terms.
      • Strong experience in the analysis of emerging attack trends (and corresponding mitigation techniques)
      • Strong understanding of cloud computing and the associated security controls in varied Cloud environments (i.e., IaaS, PaaS, SaaS, multi-cloud).
      • Strong understanding of software version control, technical debt, and their impact on vulnerability management
      • Strong understanding and application of NIST-based security frameworks
      • Experience in performing cyber risk assessments.

      Preferred Skills:

      • Knowledge of foundational security controls (Example: CIS 20 security controls) and how they protect an enterprise environment.
      • Understanding of the OWASP top 10 vulnerabilities and other application security concepts (and suggested mitigations)
      • Strong knowledge of Excel, Word, and PowerPoint
      • Experience with data reporting and analysis tools (Examples: Tableau, PowerBI, etc.)
      • Experience with PowerShell and SQL query creation and modification

      Salary Range: $142000 - $169500 / year

      We believe in transparency at the NY Fed. This salary range reflects a variety of skills and experiences candidates may bring to the job. We pay individuals along this range based on their unique backgrounds. Whether you’re stretching into the job or are a more seasoned candidate, we aim to pay competitively for your contributions .

      Our Touchstone Behaviors —Communicate Authentically, Collaborate Inclusively, Drive Progress, Develop Others, and Take Ownership —help shape the culture of the Bank. They also provide a shared language for how we work together and achieve success, and they set clear expectations for leading with impact at every stage of your career with us. Learn more.

      Benefits:

      O ur organization offers benefits that are the best fit for you at every stage of your career:

      • Fully paid Pension plan and 401k with Generous Match

      • Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)

      • Subsidized Public Transportation Program

      • Tuition Assistance Program

      • Onsite Fitness & Wellness Center

      • And more

      This position requires a National Security Clearance, access to which is limited to U.S. Citizens . In addition, candidates must undergo an enhanced background check, comply with all applicable information handling rules, and will be tested for all controlled substances prohibited by federal law, to include marijuana, prior to hire and during employment.

      The New York Fed expects its employees to perform their duties with honesty, integrity, and impartiality, and without improper preferential treatment of any person. Learn more about our code of conduct and conflicts of interest rules.

      The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.

      We value accessibility for all candidates and are happy to provide an accommodation or assistance. Please email us at ny.leaves@ny.frb.org and we’ll be glad to help.

      This is not necessarily an exhaustive list of all responsibilities, duties , performance standards or requirements , efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.

        Full Time / Part Time

        Full time

        Regular / Temporary

        Regular

        Job Exempt (Yes / No)

        Yes

        Job Category

        Information Technology

        Work Shift

        First (United States of America)

        The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

        Privacy Notice

    • About the company

        The Federal Reserve System is the central banking system of the United States of America.

    Notice

    Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

    Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.

    Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.

    An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.

    Other job opportunities

    cyber remote jobs
    cyber security jobs london remote
    cyber security jobs remote
    cyber security remote jobs
    director cyber security jobs remote
    Cyber Defense Specialist remote jobs
    More information about Federal Reserve System