Info Security Specialist - Threat and Vulnerability Mgmt
CompanyFederal Reserve Bank of Kansas CityThe Federal Reserve Bank of Kansas City is seeking an Information Security Specialist to support our Threat and Vulnerability Management team. Responsibilities include monitoring infrastructure/software across varying environments/architecture for vulnerabilities, tracking vulnerability remediation to resolution in accordance with defined compliance requirements, triaging incoming requests to our Security Operations (SO) team, and working across all business areas in consultation regarding cybersecurity risks/impacts. This role will be involved in a mixture of operational services and project work.Key Activities:
Performs vulnerability assessment and management by providing oversight of patch penetration, scanning for vulnerabilities, conducting security analysis of scan results, and validating vulnerability remediation.
Work with remediation teams to analyze vulnerability findings for remediation.
Perform risk-based evaluation of vulnerability findings to prioritize remediation, determine applicability to the environment, and identify false positives.
Performs security reviews of requested hardware and software.
Performs triage and ticketing support for incoming SO requests, international travel scans, privileged access requests, GPO support, and others.
Ensures network and endpoint security by providing assistance with, and assessment of, configuration, applications, and agents.
Provides support for access reviews and other configuration reviews.
Partners with business areas to understand their business functions for consideration of cyber security impacts and policies.
Performs activities related to assigned projects and services, in order to maintain the security posture of Federal Reserve System (FRS) assets.
Reviews work processes to identify, design, and implement improvements in procedures for increased efficiency and effectiveness. Recommends improved enhancements, and interprets and addresses requests and concerns.
Develops, maintains, and implements department standard operating policies and procedures.
Analyzes, documents, and communicates risk using the SAFR risk management process.
Participates on workgroups and awareness activities.
Stays current on new and emerging technologies.
Qualifications:
Typically requires at least 3 years of relevant information security experience.
High school diploma or GED required. Associate’s degree from a two-year college or technical school with specialization in an information technology field, or equivalent combination of experience, education and/or certification preferred.
Industry recognized certifications within the domain of information security, information technology, and project management (e.g., SSCP, CISSP, GIAC, CISM, CISA, PMP, etc.) preferred.
Experience with vulnerability assessment and vulnerability management methodologies.
Experience with industry vulnerability scanning tools.
Ability to analyze vulnerability scan findings and understand/recommend remediation options.
Experience with scripting and automation is preferred
Oral and written communication skills, as well as the ability to convey technical and security related issues to business audience.
SAFR certification preferred.
Detail oriented with strong organizational and prioritization skills to handle multiple priorities simultaneously.
Works collaboratively and independently.
Able to work with a team as well as diverse workgroups on information security risk assessments, exceptions and remediation.
Able to implement new processes to improve security and compliance.
General project management skills.
Knowledge of the following:
Network and Endpoint security
IP Networking concepts
Cloud architecture and security
Common Operating Systems such as Windows, Linux/Unix, Macintosh
Access control methods including: access control lists, encryption and key management, and user and group administration
Industry and FRS compliance regulations
Additional Information:Location(s) :
Hybrid –Yes, KC office
Remote Only Eligible – No
Pay Range: The starting pay range for this position is 72,000 to 99,000 for the job level(s) required for this position. Final offers are determined by factors including the candidate’s qualifications, internal alignment considerations, district assignment, and geographic location. Screening Requirements : This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.Sponsorship : Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.About Us:Total Rewards & Benefits (https://www.kansascityfed.org/careers/benefits/)Diversity, Equity & InclusionWho We Are (https://www.kansascityfed.org/careers/who-we-are/)What We DoFollow us on LinkedIn (https://www.linkedin.com/company/kansascityfed/mycompany/) , Instagram, X (formerly Twitter) (https://twitter.com/KansasCityFed) , and YouTube (https://www.youtube.com/kansascityfed)Full Time / Part TimeFull timeRegular / TemporaryRegularJob Exempt (Yes / No)YesJob CategoryInformation TechnologyWork ShiftFirst (United States of America)The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.Privacy Notice (https://www.kansascityfed.org/documents/7797/WorkdayPrivacyNotice.pdf)OUR BANK has one of the most recognizable brands around the world. The Federal Reserve is the central bank of the United States—one of the world's most influential, trusted and prestigious financial organizations. The Federal Reserve is charged with the important mission of promoting a strong economy and a stable financial system and fulfills this responsibility by formulating national monetary policy, supervising and regulating banks and bank holding companies, and providing financial services for banks and the U.S. government.OUR PEOPLE are diverse in background and ideas, which allows for ongoing creativity and innovation. Ultimately, they are the ones who push our high-performance, exchange-driven culture forward.Why Our People Choose Us:Our reputation precedes usThere will always be room for personal growthOur people are firstYou’ll find the right balanceYour responsibilities will be meaningfulWe hope that you will be our future colleague.