Cyber Security Data Scientist (Lead/Principal Cyber Security Analyst)

Federal Reserve Bank San Francisco, CA 94118

Posted 3 months ago

Cyber Security Data Scientist (Principal/Lead Cyber Security Analyst)

Area Overview

The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System, delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the Federal Reserve System. The mission of the National Incident Response Team is to play a leading role in the Federal Reserve System's efforts to protect its information systems against unauthorized use.

Principal Duties and Responsibilities

The mission of NIRT's Incident Detection and Analysis (IDA) team is to be an agile team that effectively detects, analyses and investigates information security incidents for its customers. The team is focused on ensuring the security and integrity of critical enterprise systems and environments through the use of various analytical data mining techniques and automated tactics.

Your role as a Cyber Security Data Scientist:

  • As a Cyber Security Data Scientist, you are primarily responsible for advancing the NIRT's threat detection strategy through the blended application of mathematical and computer science methodologies and techniques. You are also responsible for expanding the team's data science capabilities by assessing and training team members; you will serve as a data science subject matter expert for the NIRT. Furthermore, you will execute core detection responsibilities in order to remain familiar with operational data.

  • Build, deploy, and monitor predictive models using supervised and unsupervised learning methods to improve threat detection.

  • Develop statistical tests to make data-driven recommendations and decisions.

  • Find new uses for existing data sources and make recommendations for the acquisition of new sources of information.

  • Provide recommendations to engineering teams on best practice approaches to data warehousing.

  • Apply machine learning and data mining skills to correlate datasets and events to develop dynamic security alerts.

  • Investigate security incidents through data analysis and information gathering.

  • Produce reports and presentations to illustrate results of data science activities.

  • Collaborate with other teams to improve detection capabilities holistically.

  • Assess and train detection analysts to expand the IDA team's data science capabilities through the development of a remote and onsite data science training package that supports individual and team training.

  • Ability to work weekends on a rotational basis with the rest of the team to ensure 24x7 coverage of the Threat Analysis Center (TAC).

What we are looking for:

  • Ability to obtain and maintain National Security Clearance, which includes US Citizenship.

  • At Lead level, typically requires 8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and systems administration, and over 5 years' experience in a relevant computer network defense discipline. At Principal level, typically requires 12 years of combined IT and/or security work experience with a broad range of exposure to systems analysis, application development, and systems administration, and over 7 years in a relevant computer network defense, computer network exploitation, cyber intelligence or engineering principles discipline.

  • 4 years of Data Scientist experience.

  • Hands-on experience performing incident detection and analysis in a 24x7 operational environment is a plus.

  • Proven ability to collaborate, build relationships and influence individuals at all levels in a matrix-management environment.

  • Strong Machine Learning and Natural Language Processing skills.

  • Strong experience with data mining and analytic methods (e.g., clustering, sequences, time series, deep learning, statistical analytics)

  • Strong mathematical background (e.g., linear algebra, calculus, probability and statistics)

  • 6 months of cybersecurity experience with a preferred interest in reviewing and analyzing security events from various monitoring and logging sources to identify and/or confirm suspicious activity.

  • Working knowledge of cloud computing technology is preferred but not required.

  • Working knowledge of Microsoft Office products, including Visio and Project.


At a minimum, an M.S. degree in Computer Science, Statistics, or Engineering, or an equivalent combination of education and work experience.

The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer. Our people proudly reflect the diversity and ideas of the communities we serve.
