Federal Reserve Bank of Atlanta

Senior Risk Specialist

Federal Reserve Bank of Atlanta, Atlanta, Georgia, United States, 30383


Company:

Federal Reserve Bank of Atlanta

As an employee of the Atlanta Fed, you will help support our mission of promoting the stability and efficiency of the U.S. economy and financial system. Your work will affect the economy of the Southeast, the United States, and the world. The work we do here is important, and how we do it is just as important as what we do. We live our values of integrity, excellence, and respect every day. A career at the Federal Reserve Bank of Atlanta gives you the chance to do work that touches lives and helps communities prosper.

In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, pension, and more. All brought together in a flexible work environment where you can truly find balance.

The Federal Banking Agencies (FBAs) jointly conduct the supervision of technology services provided by certain third-party service providers under the authority provided in the Bank Service Company Act (BSCA). The Service Provider Program currently includes third-party service providers that are deemed particularly systemically important (i.e., Significant Service Providers, or SSPs) and the ones that are deemed less so (Regional Service Providers, or RSPs). Oversight of the Federal Reserve’s supervision of SSPs will be conducted by the SSP Management Group (MG).

The SSP portfolio is looking for highly motivated individuals to join the Portfolio Coordination Group (PCG), which supports the SSP MG in carrying out the MG’s governance and oversight responsibilities over the Federal Reserve’s SSP portfolio. The PCG coordinates supervisory program execution to ensure portfolio-wide transparency and consistency in a manner aligned with the strategic direction, priorities and plans set forth by the SSP MG.

The PCG Senior Risk Specialist will report functionally to the PCG Lead. Administrative reporting will be through the Federal Reserve Bank of Atlanta.

We offer a dynamic hybrid workplace environment that requires at least 2 days per week in the office.

Work Location:

You will be a Federal Reserve Bank employee working within commutable distance of a Federal Reserve Bank, or approved Branch.

Responsibilities

The successful candidate must demonstrate the ability to carry out the following activities:

- Contribute to review of cybersecurity and/or cloud security examinations to determine the effectiveness of an FI’s and SSP’s cybersecurity posture and validate remediation efforts of identified issues.
- Contribute to Federal Reserve System and local cyber security and/or cloud security initiatives related to training, committees, and development of policy statements to enhance the supervision of FIs and SSPs.
- Support review of supervisory plans for relevant cybersecurity and/or cloud security areas and effective risk-based supervision factoring in size and complexity of target firms.
- Conduct horizontal (second-level) reviews of key Central Point of Contact’s (CPC’s) work products such as supervisory plans / strategies, exam scopes, conclusion memos, supervisory letters and reports of examination, findings and ratings, vetting deliverables following first-level review by the Responsible Reserve Bank.
- Lead initiatives that modernize SSP supervision and assist with the vetting preparation of supervisory strategies, significant findings, and ratings.
- Conduct and contribute to cross-entity work (e.g., scenario-developed analysis)
- Identify, develop, and execute horizontal review topics
- Implement SSP program enhancements or policy changes
- Develop quarterly portfolio-level continuous monitoring topics
- Develop portfolio-level analytics packages and dashboards
- Coordinate incident response, threat and vulnerability monitoring
- Contribute to OASiS implementation and enhancements
- Other duties as assigned

Skills desired include:

- Strong knowledge of supervision and the examination process to drive change and manage risk
- Strong understanding of operational and cyber resilience, cloud security, third-party risk management and legal and policy mandates in the financial sector that pertain to third-party risk management and cybersecurity risks and industry standards and guidance (i.e., FFIEC IT Handbook and NIST CSF)
- Previous SSP CPC experience and examiner commission a plus
- Strong critical thinking, analytical and data analysis skills
- Proven ability to effectively influence outcomes and build consensus across multiple stakeholders
- Ability to combine risk analysis with sound judgement in proposing recommendations
- Ability to engage and influence cross-functional teams and work collaboratively with internal and external teams
- Excellent oral and written communications skills
- Ability to lead, juggle and effectively prioritize multiple projects simultaneously while meeting critical deadlines and stakeholder expectations
- Sound judgment, tact and diplomacy as well as keen political savvy and experience navigating complex third-party risk and cybersecurity issues

Experience

- Minimum 5 years of experience in at least some of the following domains:
  - Cyber Security and IT Risk management
  - Cloud Security
  - Cybersecurity response and resilience
  - IT Audit and/or IT examination or supervision
  - Change and Configuration Management
  - Asset and Lifecycle Management
  - Vendor risk management
  - Data governance and security
  - Endpoint and server technologies
  - Intrusion detection and prevention systems
  - Identity access management and access control
  - Threat and vulnerability management
  - Problem and Incident Management
- Effective written and verbal (including presentation and negotiation) communication skills in dealing with all levels of senior management, boards of directors and other regulatory agencies
- Analytical, problem solving and time management skills

Familiarity with:

- FFIEC, NIST, SANS and ISO standards and frameworks
- Information security, cybersecurity, and risk management principles
- Network management/architecture

Certifications/Licenses:

- Certified in CISSP, CISA, CISM, and/or industry certification is a plus.
- Cloud certification is preferred but not required.
- Examiner commission preferred but not required.

Our total rewards program offers benefits that are the best fit for you at every stage of your career:

- Comprehensive healthcare options (Medical, Dental, and Vision)
- 401K match, and a fully funded pension plan
- Paid vacation and holidays; flexible work environment
- Generously subsidized public transportation
- Education Assistance Program
- Professional development programs, training and conferences
- And more…

This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change (e.g. emergencies, rush jobs, change in workload or technological developments).

The Federal Reserve Bank of Atlanta is an equal opportunity employer.

Full Time / Part Time:

Full time

Regular / Temporary:

Regular

Job Exempt (Yes / No):

Yes

Job Category:

Work Shift:

First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.

Privacy Notice:
