Tuesday, July 21, 2015

Information Security Specialist

Information Security Specialist - Operations-241566
Federal Reserve Bank of Atlanta

Primary Location

 GA-Atlanta

Full-time / Part-time

 Full-time

Employee Status

 Regular

Overtime Status

 Exempt

Job Type

 Experienced

Travel

 Yes, 5 % of the Time

Shift

 Day Job
Job Sensitivity Tier II - No Credit Check
Position Summary:
Under limited supervision, supports systems and processes to protect the Bank’s information resources. Responsible for all aspects of the organization’s threat and vulnerability management program. Analyzes information security risks and offers remediation solutions to department management and business lines. Remains informed of leading edge technology and industry/academic best practices to determine application to existing business needs. Serves as the primary point of contact for incident response activity and investigation of network irregularities. Communicates information and ideas clearly and with sensitivity to diversity of audiences. Develops and contributes to technical documentation and communication.

Key Responsibilities:
  • Contributes to a comprehensive, business aligned threat and vulnerability management program. Conducts threat modeling and analysis activities of business processes and current/potential IT solutions. Develops recommendations for business partners to remediate vulnerabilities, institute compensating controls or request risk acceptance decisions. Tracks metrics and measures to substantiate efficacy of the program. Provides feedback to intelligence gathering organizations.
  • Conducts research into existing and emerging security threats and technical / process controls. Remains abreast of current security industry and academic research to identify opportunities to address present and future business needs. Conducts proof of concept, technology evaluation and acceptance testing of security products and processes. Provides technical input to security standards, guidelines and daily operational procedures.
  • Offers guidance and recommendations to business lines and IT team on security requirements and best practices. Communicates security policies, standards and guidelines in clear terms to non-technical personnel.
  • Performs security incident operations, including after-hours response activities, event escalation coverage, and incident reporting. Contributes to and participates in security incident plan exercises. Identifies, investigates and escalates information security incidents on the district network.
  • Monitors and analyzes open source and internal data sources to identify trending security issues and alert management to developments, changes and shifts in risk. Contributes to risk assessments and reviews complex, technical documents, diagrams and plans to identify security requirements and recommend controls.
  • Develops recommended implementation / security configuration guides for hardware and software.
Education: Bachelor's Degree or 4 years equivalent experience; Bachelor's Degree preferred

Experience: Two to five years

Functional Knowledge Preferences

Knowledge Areas:
  • Network Design & Architecture
  • Product Testing & Evaluation
  • Technical Writing
  • Compliance Management
Technical Skills:
  • Vulnerability Management Tools
  • SIEM Tool Experience
Certifications/Licenses:
  • GCIH / GCIA / GPEN / GSEC
  • SSCP / CISA

https://frb.taleo.net/careersection/2/jobdetail.ftl?job=241566