Logo
Federal Reserve Bank of San Francisco

Lead Information Security Architect

Federal Reserve Bank of San Francisco, Los Angeles, California, United States, 90079


Company:

Federal Reserve Bank of San Francisco We are the Federal Reserve Bank of San Francisco (FRBSF) - public servants with a mission to advance the nation's monetary, financial, and payment systems to build a stronger economy for all Americans. We are a community-engaged bank, and are committed to understanding and serving the vibrant, expansive communities of the Twelfth District. That means we seek and appreciate new perspectives. We respect people for what they do and for who they are. We build opportunities to learn and grow. When you join the SF Fed, you become part of a diverse team united in its purpose to promote an economy that works for everyone. We empower our people to balance their life and work responsibilities. That's why we offer a flexible hybrid work model that allows you to collaborate with office colleagues on some days, and work from home on others. Information Security at the FRBSF has a position for a Senior or Lead Information Security Architect who will join us in evolving application security and fostering collaboration with development teams. This role offers the opportunity to use your technical skills, and security understanding, to review and design solutions that assist our development teams in implementing DevSecOps and creating secure and resilient applications and environments. This role requires strong analytical, communication, problem-solving, engineering, design, and interpersonal skills. In this role, you will work closely with other members of the Information Security team, our application development groups, and other groups across the Federal Reserve System (FRS), helping to build strong relationships across functions and create solutions that provide effective, seamless security to protect our custom-developed products. Essential Responsibilities: Evolve and mature our models, templates, standards, and procedures related to secure application development and secure application and cloud architecture. Ensure these artifacts are in alignment with FRS policy and standards. Consult with our development teams to help them align with FRS policy and standards and meet the risk appetite of the customer. Work with members of application development teams to review and create secure application and infrastructure designs and patterns. Assist development teams by reviewing threat models related to applications and related systems. Analyze potential business impact and exposure leading to risk, based on emerging security threats, vulnerabilities, configurations, threat actor TTPs, etc. Evaluate CICD pipeline design, and related development team processes and help to mature and secure creation, management, and utilization of pipelines. Assist in identification and integration of security-focused tooling into development and operations processes. Support secure application architecture within the Federal Reserve System by fostering constructive dialogue and seeking resolution when confronted with discordant views. Mentor more junior security, application development, and application architecture members, and be a security thought leader for the organization. Solicit feedback and continuously improve your knowledge, skills, and capabilities related to the position. Assist with recruiting activities and administrative work. Minimum Qualifications: Bachelor's degree in computer science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis or equivalent work experience with 7+ years of application design, development, and security; an additional 4 years of experience may be substituted for a degree. Exposure to multiple diverse technologies, including those used in commercial cloud environments, and applications utilizing languages such as: C#, C++, Java, Python, Go, Rust, PowerShell, Node.js, React, Electron, and Bash. Minimum of 5 years of experience in defensive security, 8 or more years in IT. Knowledge of a wide variety of information security architectures, concepts, and techniques, as well as supporting security tools. Knowledge of common web application vulnerabilities and attacker TTPs and security platform tools (Firewall, EDR, SIEM, SAST, IAST, SCA, Secrets Detection, etc.). Experience with CICD platforms, Git, and GitFlow. SANS GSEC or equivalent technical or architectural security-focused certification. Must be a U.S. Citizen or a Green Card holder with the intent to become a U.S. Citizen. Preferred Qualifications: Experience with threat modeling and security review processes. Experience with securing applications deployed within AWS or Azure. Familiarity with OWASP projects and NIST and CISA standards and guidance. Familiarity with security architecture questions related to the use of machine learning and artificial intelligence. Leadership experience in multiple, large, cross-functional teams or projects. Ability to communicate clearly and influence outcomes. Experience with pattern-oriented design and architecture of high-volume transactional systems. Ability and desire to engage in continuous learning and upskilling. SANS GWEB, GWAPT, or other similar secure development, cloud security, or application security certification. Base Salary Range for Lead Info Security Architect: Min: $155,700 - Mid: $202,200 - Max: $248,700 (Location: San Francisco) Final salary and offer will be determined by the applicant's background, experience, skills, internal equity, and alignment with market data. We offer a wonderful benefits package including Medical, Dental, Vision, Pre-tax Flexible Spending Account, Backup Child Care Program, Pre-Tax Day Care Flexible Spending Account, Paid Family Care Leave, Vacation Days, Sick Days, Paid Holidays, Pet Insurance, Matching 401(k), and Retirement/Pension. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. The SF Fed is an Equal Opportunity Employer. #LI-Hybrid Job Type:

Full Time Job Category:

Information Technology Work Shift:

First (United States of America) The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

#J-18808-Ljbffr