The Cybersecurity Risk Specialist will conduct cybersecurity risk management examinations primarily for large/complex financial institutions (FIs) and significant service providers (SSPs) under our supervisory authority. This specialist will serve as a Federal Reserve System subject matter expert. This specialist will be responsible for assessing FI/SSP cybersecurity and operations risk management programs, information technology operations, and management information systems to ensure they are operating in a safe and sound manner and complying with applicable banking laws, regulations, and policy statements. This specialist will lead and / or participate on national examinations for information security and cybersecurity, including assessing business resiliency and vendor risk management.
- Leads or participates on cybersecurity examinations to determine the effectiveness of a FIs and SSPs cybersecurity program and validate their remediation efforts of identified issues.
- Leads or participates on Federal Reserve System and local cyber security initiatives related to training, committees and development of policy statements to enhance the supervision of FIs and SSPs.
- Perform continuous monitoring across the FI and SSP portfolio to understand micro (institution specific), horizontal (industry wide/peer), and macro (financial system supervision) cybersecurity risks.
- Prepares informative, well supported supervisory products and work papers, effectively communicating complex and problematic supervisory findings and required actions to senior management and board of directors.
- Prepare supervisory plans for relevant and effective risk based supervision factoring in the size and complexity of the target firm.
- Prepares and delivers written analyses and presentations on FI and SSP specific and industry trends or emerging risk.
- Analyze information and determine an estimated risk and potential impact to the financial institutions and financial services industry.
- Develop and maintain ongoing relationships with supervisory personnel at the Board of Governors and Reserve Banks, across other regulatory agencies, as well as senior management and directors of FIs and SSPs to ensure strong communication of supervisory expectations.
- Maintain a global awareness of relevant regulations, laws, emerging issues, trends, and ongoing developments in the financial services industry.
Education and Experience:
- A minimum of 5 years of direct work experience with auditing or managing security and technical controls using industry standard frameworks such as FFIEC, NIST, SANS, and ISO.
- Bachelor’ s degree in computer science or related field.
- Currently holds an industry recognized information security certification (e.g., CISSP, CISA, CEH and / or vendor certifications).
- Experience working in regulatory/government agencies or financial services is ideal.
- Regulatory Agency Examiner Commission is preferred but not required.
Knowledge and Skills:
- Advanced knowledge in information security/cyber security, risk management, end point and server technologies, network management/architecture, intrusion detection and prevention systems, vulnerability/pen testing management, and patch management systems. This individual serves as a subject matter expert within these areas.
- Ability to evaluate an institutions’ information security program and provide expert advice on its ability to identify, protect, respond, and recover from business disruptions.
- Ability to analyze threat intelligence reports to identify vulnerabilities, understand how they could be exploited, and the potential impact to the financial industry.
- Critical thinking and decision making abilities. The ideal candidate makes good decisions based on a mixture of analysis, wisdom, experience and judgment.
- Strong analytical, written and oral communication including strong presentation and negotiation skills in dealing with all levels of management, boards of directors and other regulatory agencies.
- Sound analysis, problem solving and judgment skills. The ideal candidate is sought out by others for advice and solutions due to their expertise. Further, the ideal candidate recommends solutions and suggestions that turn out to be accurate when judged over time.
- Strong time management skills and ability to prioritize multiple work streams.
- Ability to work on cross-functional teams with various stakeholders on assignments under tight deadlines.
- Ability to understand and translate complex technical issues into business implications for technical and business representatives.
- Maintains ongoing awareness of current and emerging information regarding security threats, techniques and landscape.
- Up to 75% overnight travel during the course of the year. Travel may be to various locations throughout the U.S.
3 openings. Employer will assist with relocation costs.
About Federal Reserve Bank of Atlanta
The Federal Reserve Bank of Atlanta is one of 12 regional Reserve Banks that, along with the Board of Governors, make up the Federal Reserve System. The Atlanta Fed covers the Sixth Federal Reserve District, which includes Alabama, Florida, and Georgia, and parts of Louisiana, Mississippi, and Tennessee. As part of the Federal Reserve System, the Atlanta Fed helps conduct monetary policy, promote the stability of the financial system, regulate and supervise financial institutions, foster payment and settlement system safety and efficiency, and promote consumer protection and community development.