The National Incident Response Team (NIRT), a National Information Technology Operation (NITO), for the Federal Reserve System delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the Federal Reserve System. Job Description
As a member of NIRT's Comprehensive Assessments Team, you will interact with NIRT's customers who are located around the Federal Reserve System evaluating the security of their information systems and applications. The primary areas of responsibility include overseeing, coordinating and performing information security assessment activities. The ideal candidate will have the ability to blend technical, organizational, business, and information security skill sets and knowledge. This means scoping and coordinating the assessments in addition to performing both high-level assessment analysis translating technical vulnerabilities into business risk and low-level assessment work such as running vulnerability assessment tools and conducting ethical hacking. Job Responsibilities
Job Requirements * Approximately 3-5 years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols;
- Coordinates security assessments with business areas;
- Oversees and conducts vulnerability assessments and penetration testing;
- Oversees and performs the review and analysis of security vulnerability data to identify applicability and false positives;
- Prepares and distributes security assessment reports to customers;
- Assists in the selection and tailoring of approaches, methods and tools to support service offering;
- Leads and/or assists in information security related projects and initiatives;
- Performs additional incidental duties as assigned by management or job responsibilities.
Education and/or work experience may be substituted Work Hours and Conditions
- Demonstrated ability to work on multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment;
- Information Security consulting experience, providing subject-matter expertise on a range of information security topics.
- Excellent analytical skills;
- Excellent interpersonal, communication, organizational, and project management skills;
- Team player with excellent consultative skills, and the proven ability to work effectively with client, internal management and staff, vendors and consultants;
- Strong written and verbal communications skills;
- Proven ability to communicate technical issues to technical and non-technical business area representatives;
- Ability to travel up to 25%;
- Ability to obtain US Security Clearance;
- CISSP certified or the ability to work towards obtaining the certification. Desired Qualifications
- Broad understanding of information technology and information security;
- Familiarity with FISMA, FIPS, the NIST 800 series;
- Knowledge of the roles and responsibilities of the Federal Reserve's IT organizations, National Information Technology Operations (NITOs), and other System support organizations;
- Broad understanding of the Federal Reserve System's businesses and business goals;
- Hands-on experience with commercial and open-source network and application security testing tools;
- Experience testing web applications for common web application security vulnerabilities as defined by OWASP including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues;
- PMP certification Education/Experience
- Bachelor's degree in Information Technology/Computer Science, or related disciplines.
8:00 a.m. to 5:00 p.m., Monday - Friday
Overtime as required by project schedules or management. Notes:
1.) By federal law, this position requires that candidates fall within one of the following citizenship categories: (1) U.S. Citizen, (2) U.S. National, or (3) U.S. lawful permanent resident alien ("green card" holder) who is eligible for and seeking U.S. citizenship within the requisite time frames. 2.) Selected candidate will be required to pass a drug screen, credit check, and psychological exam.
The Federal Reserve Bank of San Francisco provides wholesale banking services to financial institutions in the nine western states through...