Retail Payments Sr. Information Security Analyst

📁
Analytical
📅
267294 Requisition #

As an employee of the Atlanta Fed, you will help support our mission of promoting the stability and efficiency of the U.S. economy and financial system. Your work will affect the economy of the Southeast, the United States, and the world. The work we do here is important, and how we do it is just as important as what we do. We live our values of integrity, excellence, and respect every day. We do the right thing, we do things right, and we treat people right. A career at the Federal Reserve Bank of Atlanta gives you the chance to do work that touches lives and helps communities prosper. 

Position Summary: 
Under limited supervision, responsible for providing expertise in the areas of information security operations, projects, and/or compliance for the Retail Payments Office (RPO). Provides technical expertise to organization-wide programs such as cyber resilience and cybersecurity awareness. Develops and maintains procedures such as crisis management, continuous monitoring, risk analysis, and cyber resiliency scenarios for mission essential services and business functions. Responsible for developing and implementing processes to protect organizational information resources, and researches and gathers information security intelligence and best practices to address emerging threats.  Acts as a subject matter expert for department management on matters of information security and cyber resilience. Provides guidance to department management to ensure compliance and mitigation of risks.

Responsible for representing information security interests in strategic assignments and implementation projects to maintain the policies and controls used to protect the Bank’s information assets.  

Gathers stakeholder protection needs, concerns, and requirements and uses established engineering processes to ensure that such needs, concerns, and requirements are strategically planned and addressed across all key stakeholders with the appropriate fidelity and rigor, early in the engagement.

Writes and traces project requirements, organizes penetration testing and security control assessments, develops system security plans, identifies and tracks the remediation of security findings, and prepares and presents authorization packages to senior leaders.

Key Responsibilities:

  • Develops and implements security procedures and recommends methods to comply with security requirements. Monitors and analyzes open source and internal data sources to identify trending security issues and alert management to developments, changes and shifts in risk. Contributes to risk assessments and reviews complex, technical documents, diagrams and plans to identify security requirements and recommend controls.
  • Evaluates, designs, and implements processes and requirements to ensure compliance with security policies and procedures. In accordance with approved security frameworks, advises project and information security colleagues on information security requirements, compliance responsibilities and methods to protect resources and sensitive information. 
  • Performs security incident operations, including after-hours response activities, event escalation coverage, and incident reporting. Contributes to and participates in security incident plan exercises. Identifies, investigates and escalates information security incidents.
  • Consults with leadership and technology staff to categorize systems, implement and assess controls, manage resilience, and respond to and monitor risk. Maintains risk management documentation to monitor lifecycle progress, track acceptance decisions and catalog remediation actions. Applying risk management frameworks such as NIST 800-37, and utilize automated Governance, Risk, and Compliance tools to track artifacts of the risk management lifecycle. 
  • Leads the development and execution of communications strategy for senior management, management, and RPO staff to create a culture of risk awareness and compliance.  Contributes to training presentations, online forums, articles, and other tools that may be used to create program awareness.  Prepares risk and compliance reporting to senior leadership within the RPO and FRS.
  • Stays current on new and emerging technologies.  Reviews internal, government, academic and commercial sources of information to anticipate new security compliance requirements and identify advancements to best practices for protecting resources and information.
  • Demonstrates high readiness level for Information Security Manager succession.

Education: Bachelor’s degree from an accredited college or university or equivalent combination of experience, education, and/or certification preferred

Experience: 

  • Five to Eight  years of experience preferred
  • Two to three years of cloud experience preferred (Azure or AWS) working with CSP and third-party SaaS solution providers preferred

Knowledge Areas:

  • NIST/COSO/ISO familiarity
  • Business Continuity practices
  • Superior written and verbal communication skills.    

Technical Skills:

  • Windows and UNIX systems
  • Database management systems
  • Project Management    

Certifications/Licenses:

  • Security Cert. Preferred:(Ex. CISSP / CISM / CSSLP / CRISC)
  • Advanced Security Cert. Preferred:(Ex. CISSP - ISSAP/ ISSMP/ ISSEP) 
  • Business Continuity Cert. preferred

Our total rewards program offers benefits that are the best fit for you at every stage of your career: 

  • Comprehensive healthcare options (Medical, Dental, and Vision)
  • 401K match, and a fully funded pension plan
  • Paid vacation and holidays; flexible work environment
  • Generously subsidized public transportation
  • Annual tuition reimbursement
  • Professional development programs, training and conferences
  • And more…

This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change (e.g. emergencies, rush jobs, change in workload or technological developments).

The Federal Reserve Bank of Atlanta is an equal opportunity employer. 

Previous Job Searches

Activity Feed

1438
Job shares through The Federal Reserve System
Someone applied to the Public Affairs Intern position. 3 hours ago
Someone applied to the Law Enforcement Officer I - Federal Reserve, El Paso, TX position. 9 hours ago
Someone applied to the Cybersecurity Analyst- Counter Threat Automation (CTA) position. 14 hours ago
Someone applied to the Diversity, Equity and Inclusion (DEI) Consultant position. 22 hours ago
Someone applied to the Vice President/Chief Information Security Officer (CISO) position. 23 hours ago

Similar Listings

Virginia, Richmond

📁 Analytical

Requisition #: 266827

Virginia, Richmond

📁 Analytical

Requisition #: 266828