The Federal Reserve is developing a new interbank 24x7x365 real-time grosssettlement (RTGS) service with integrated clearing functionality, called theFedNow service. This service will help enable financial institutions providetheir customers with the ability to send and receive payments any time, anyday, and have full access to those funds within seconds. This position is a unique opportunity to bepart of a new mission-critical Federal Reserve initiative that will betransformative to the payments landscape in the United States.
This position is responsible for developing and maintainingcybersecurity risk and compliance activities for the FedNow service. The Senior Cyber Risk Specialist position reports to the Cyber RiskManager.
Whatwill be expected of you-
Develop, update,and maintain FedNow security compliance documentation based on Federal Reserve informationsecurity framework and standards. This includes executing security activities basedon NIST frameworks and related assessment activities for FedNow informationsystems.
Assist indeveloping and implementing additional guidelines and processes tailoredspecifically for FedNow implementation of security requirements. Provideoperational support following implementation.
Maintain and mature the FedNowcyber risk register. Collaborate with other FedNow business areas and FRSpartners to identify, prioritize, and manage risks impacting the FedNow serviceand operations.
Provide expert security recommendationsand consultation to FedNow business and technology teams to aid in riskmanagement and compliance activities and the interpretation, application andadherence of information security policies for the FedNow service.
Assist in designing continuousmonitoring activities, favoring automation of controls where possible, toensure the FedNow environment operates within an acceptable risk threshold atall times.
Where applicable, coordinate 3rdparty security risk management processes including overseeing initial assessments,managing continuous monitoring activities, and contextualizing risk for theFedNow team.
Design and developdata-driven reports on FedNow people, process, and technology to guide riskmanagement decisions.
Monitor theevolving technology and risk management landscape both externally and withinthe FRS to ensure the FedNow security program is evolving with modern practices
Maintain ongoingawareness of developments of FRS and external (as applicable) securityframeworks and guidance.
Expertiseyou will bring-
Knowledge and experience normally acquiredthrough, or equivalent to, the completion of a Bachelors degree and a minimumof 4-6 years of relevant jobexperience.
Possess knowledge of risk management principles andindustry-standard security risk management frameworks (e.g. NIST, ISO, FedRAMP).
Experience in applying security frameworks and riskmanagement activities in a cloud environment is strongly preferred.
Possess knowledge about or have experience in supportingpayments applications or platforms.
Practical experience in building and supporting processautomation (e.g., scripting skills) is strongly preferred.
Must possess or be able to obtain appropriate industrycertifications such as the CISSP, CRISC, and/or CCSP. Must possess or be ableto obtain FRS security risk management certification.
Proven ability to prioritize, reprioritize and demonstratesappropriate agility to manage competing and sometimes conflicting priorities.
Strong oral and written communication skills.
Proven project management skills and the ability to lead anddirect technical and business teams without formal authority.
Ability to flexibly adapt to a rapidly changing environmentand generate effective and innovative solutions to address change.
A self-starter who is willing to explore, learn new areasand concepts, and promote and support innovation.
Periodic Travel within U.S. may be required 10-15% of time
The Federal Reserve System iscommitted to a diverse and inclusive workplace and to provide equal employmentopportunities to all persons without regard to race, color, religion, nationalorigin, sex, sexual orientation, gender identity, age, genetic information,disability, or military service.
All employees assigned to thisposition will be subject to FBI fingerprint/ criminal background and PatriotAct/ Office of Foreign Assets Control (OFAC) watch list checks at least onceevery five years.
The above statements are intendedto describe the general nature and level of work required of this position.They are not intended to be an exhaustive list of all duties, responsibilitiesor skills associated with this position or the personnel so classified. Whilethis job description is intended to be an accurate reflection of this position,management reserves the right to revise this or any job description at itsdiscretion at any time.
For this job, any offer ofemployment is contingent upon successfully passing a two-phase securityscreening. The first phase consists of the satisfactory completion of aphysical examination (including a drug screening), reference checks, and asecurity investigation consisting of credit and criminal historychecks.
The second phase, which might notbe complete until after you begin working at the Reserve Bank, is an additionalrisk-based security screening determined by the risk rating of theposition. Depending upon the sensitivity of the position, this phase mayinclude, and is not limited to, work and residency eligibility verification,and personal interviews with the candidate, references, and prior employers.
All applicants must have resided inthe United States for at least three (3) years