Info Security Specialist - Threat and Vulnerability Mgmt
Federal Reserve Bank of Minneapolis
This job is no longer accepting applications
See open jobs at Federal Reserve Bank of Minneapolis.See open jobs similar to "Info Security Specialist - Threat and Vulnerability Mgmt" Mossier.Company
Federal Reserve Bank of Kansas CityThe Federal Reserve Bank of Kansas City is seeking an Information Security Specialist to support our Threat and Vulnerability Management team. Responsibilities include monitoring infrastructure/software across varying environments/architecture for vulnerabilities, tracking vulnerability remediation to resolution in accordance with defined compliance requirements, triaging incoming requests to our Security Operations (SO) team, and working across all business areas in consultation regarding cybersecurity risks/impacts. This role will be involved in a mixture of operational services and project work.Key Activities:
Performs vulnerability assessment and management by providing oversight of patch penetration, scanning for vulnerabilities, conducting security analysis of scan results, and validating vulnerability remediation.
Work with remediation teams to analyze vulnerability findings for remediation.
Perform risk-based evaluation of vulnerability findings to prioritize remediation, determine applicability to the environment, and identify false positives.
Performs security reviews of requested hardware and software.
Performs triage and ticketing support for incoming SO requests, international travel scans, privileged access requests, GPO support, and others.
Ensures network and endpoint security by providing assistance with, and assessment of, configuration, applications, and agents.
Provides support for access reviews and other configuration reviews.
Partners with business areas to understand their business functions for consideration of cyber security impacts and policies.
Performs activities related to assigned projects and services, in order to maintain the security posture of Federal Reserve System (FRS) assets.
Reviews work processes to identify, design, and implement improvements in procedures for increased efficiency and effectiveness. Recommends improved enhancements, and interprets and addresses requests and concerns.
Develops, maintains, and implements department standard operating policies and procedures.
Analyzes, documents, and communicates risk using the SAFR risk management process.
Participates on workgroups and awareness activities.
Stays current on new and emerging technologies.
Qualifications:
Typically requires at least 3 years of relevant information security experience.
High school diploma or GED required. Associate’s degree from a two-year college or technical school with specialization in an information technology field, or equivalent combination of experience, education and/or certification preferred.
Industry recognized certifications within the domain of information security, information technology, and project management (e.g., SSCP, CISSP, GIAC, CISM, CISA, PMP, etc.) preferred.
Experience with vulnerability assessment and vulnerability management methodologies.
Experience with industry vulnerability scanning tools.
Ability to analyze vulnerability scan findings and understand/recommend remediation options.
Experience with scripting and automation is preferred
Oral and written communication skills, as well as the ability to convey technical and security related issues to business audience.
SAFR certification preferred.
Detail oriented with strong organizational and prioritization skills to handle multiple priorities simultaneously.
Works collaboratively and independently.
Able to work with a team as well as diverse workgroups on information security risk assessments, exceptions and remediation.
Able to implement new processes to improve security and compliance.
General project management skills.
Knowledge of the following:
Network and Endpoint security
IP Networking concepts
Cloud architecture and security
Common Operating Systems such as Windows, Linux/Unix, Macintosh
Access control methods including: access control lists, encryption and key management, and user and group administration
Industry and FRS compliance regulations
Additional Information:
Location(s):
Hybrid –Yes, KC office
Remote Only Eligible – No
Pay Range: The starting pay range for this position is 72,000 to 99,000 for the job level(s) required for this position. Final offers are determined by factors including the candidate’s qualifications, internal alignment considerations, district assignment, and geographic location.
Screening Requirements: This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.
Sponsorship: Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
About Us:
Follow us on LinkedIn, Instagram, X (formerly Twitter), and YouTube
Full Time / Part Time
Full timeRegular / Temporary
RegularJob Exempt (Yes / No)
YesJob Category
Information TechnologyWork Shift
First (United States of America)The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
This job is no longer accepting applications
See open jobs at Federal Reserve Bank of Minneapolis.See open jobs similar to "Info Security Specialist - Threat and Vulnerability Mgmt" Mossier.