Company
Federal Reserve Bank of New York

At the Bank, we work full-time onsite with our teams. We believe being physically together allows us to draw on our collective strengths, while recognizing that the ability to work flexibly from time to time remains important to achieving our mission.

Our Unique Work:

Information Security New York (ISNY) is responsible for developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.

Within Information Security, the Cyber Security Assurance Department (CSA) is responsible for assessing risks associated with 3rd party vendors systems, software, IoT devices, ICS, technology processes, or outsourcing arrangements handling, processing, or storing Federal Reserve data. The team works directly with the business, providing guidance and managing risks. The department is also responsible for the integration of security practices into DevSecOps methodology, performing application security testing and working directly on security tooling integration as part of the CI/CD pipeline. The engagement and guidance to the product development teams are implemented through CSA analysts being embedded in the development squads to provide security advice during development and by managing the Security Champion Program in the Bank ensuring each product team has developers trained in security matters.

How You'll Make an Impact as a Cyber Security Assurance Analyst

You will work in a dynamic team environment and play an important role in helping the Federal Reserve carry out its responsibilities. The Cyber Security Risk Analyst will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk management. The role is an individual contributor who will work closely with technology squads to flawlessly deliver technological projects to the business customers. The candidate will be required to perform risk assessments which include application security testing focusing on Cloud migration workloads with specific focus on the mission critical systems supporting Markets operations. The position resides in the Information Security Function and reports to Cyber Security Assurance Manager.

Role's objectives are:

• Perform Cloud application security risk assessments.
• Execute assessments timely and accurately.
• Manage relationship with the business unit assigned.
• Embed within the development squad to provide timely security advice.
• Preform application security testing ensuring only compliant workloads move to the Cloud.
• Support development squads in implementing security tooling in the CI/CD pipeline.

The Unique Skill Sets We're Looking For:

• Experience in executing assessments in the Cloud and against third party SaaS solutions.
• Expert knowledge of performing risk management based on NIST 800-53.
• Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
• Experience in thriving in the DevSecOps culture and working closely with developers on delivering business value in agile quick release environment.
• Demonstrated leadership experience, managing projects, strong decision making and execution abilities.
• Strong experience managing and timely resolving security findings in the Agile management practice.
• Expert level application security testing skills supporting CI/CD pipeline.
• Experience evaluating 3rd party vendors supporting Banks processes with focus on date protection.
• Proven ability evaluating and securing Gen AI systems with internal and embedded models.
• Possession of or the ability to obtain and maintain National Security Clearance, which includes U.S. Citizenship when required

Other Things to Know:

Salary Range: $170,000k-$230,000k

We believe in transparency at the New York Fed. This salary range reflects a variety of skills and experiences candidates may bring to the job. We pay individuals along this range based on their unique backgrounds. Whether you're stretching into the job or are a more seasoned candidate, we aim to pay competitively for your contributions.

This position requires possession of or the ability to obtain and maintain national security clearance, which requires U.S. citizenship. Candidates must undergo an enhanced background check and will be tested for all controlled substances prohibited by federal law, to include marijuana.

How we'll Support You:

Our programs and benefits are designed to support you through all your life stages:

• Learning & Growing: Educational assistance, career development tools, and stretch opportunities
• Supporting Your Family: Parental leave, adoption assistance, back-up dependent and elder care, college planning resources, and more
• Managing Your Health: Comprehensive insurance plans, leave policies, onsite Health & Wellness Center, and onsite Fitness Center
• Optimizing Your Finances: Pension plan, 401(k) with generous match, financial planning resources, and subsidized public transportation program

Our culture is deeply grounded in our Touchstone Behaviors. By working with us, you'll have the opportunity to develop and demonstrate your ability to Communicate Authentically, Collaborate Inclusively, Drive Progress, Develop Others, and Take Ownership. These competencies shape our culture here at the Bank. They also provide a shared language for how we work together and achieve success and set clear expectations for leading with impact at every stage of your career. Learn more.

Apply now if you're ready to join us in strengthening the U.S. economy together. Want to consider our other opportunities? Click here to see all our open roles.

The New York Fed expects its employees to perform their duties with honesty, integrity, and impartiality, and without improper preferential treatment of any person. Learn more about our code of conduct and conflicts of interest rules.

We value accessibility for all candidates and are happy to provide an accommodation or assistance. Please email us at [email protected] and we'll be glad to help. Please note, this is a dedicated e-mail box designed exclusively to assist applications with accommodation requests in relation to our recruiting process. All other inquires including the status of applications will not receive a response from this e-mail box.

This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.

Full Time / Part Time
Full time

Regular / Temporary
Regular

Job Exempt (Yes / No)
Yes

Job Category
Information Technology Family Group

Work Shift
First (United States of America)

Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.

Privacy Notice