Federal Reserve Bank Richmond , VA 23234
Information Security Engineer Associate to Intermediate
As part of the nation's central bank, the Federal Reserve Bank of Richmond is committed to strengthening the economy and our communities. It's a big job, and that's why we need a variety of talented, results-driven professionals who care about making a difference. Sound like a challenge? You bet it is. That's why three important values inspire our culture: Serve with integrity. Lead with courage. Perform with excellence.
At the Richmond Fed, our goal is not just to be an employer of choice; we want to be your employer of choice. One of the ways we do that is by offering a total rewards portfolio that includes more than compensation. At the Richmond Fed, total rewards includes thrift and retirement plans, a generous paid time off, health and wellness benefits, insurance to protect you and your loved ones, work/life offerings, and a variety of professional development opportunities.
The Information Security team is hiring an IS Engineer (Associate or Intermediate), depending on level of experience. This member of the Information Security Threat Management team will be responsible for incident response and forensics investigations, technical assessment of risk and cyber threats, and the identification, exploitation, and support of remediation of system vulnerabilities. In addition, this position may provide support for penetration testing.
Candidate should review the FRB Employee Code of Conduct to ensure compliance with issues related to previous employment and prohibited financial interests. The Code is available on the About Us, Careers webpage at www.richmondfed.org.
Apply on line at www.richmondfed.org
The deadline for applying on line is October 17, 2018 at 5:00PM
The hiring range for Information Security Engineer Associate is $56,500-70,600 annually
The hiring range for Information Security Engineer Intermediate is $69,700-$87,100 annually
Salary offered will be based on the job responsibilities and the individual's knowledge, skills and experience as defined in the job description
Selected candidate subject to special background check procedures
Selected candidate will be required to obtain the Security Assurance for the Federal Reserve (SAFR) certification within one year of hire.
Essential Job Responsibilities (include but are not limited to the following):
Contributes to incident response, forensic investigations, vulnerability assessments, risk management processes and penetration tests.
Maintains knowledge of current security tools and industry best practices: tools, techniques, procedures, tactics, attacks and forensics.
Acts as a security resource for business partners and information technology peers to provide guidance on information security policies, best practices and technologies.
Audits existing security procedures, devising improvements as appropriate, ensures documentation is current and maintained to meet applicable standards.
Administers and maintains routine security processes and procedures, and provides remediation of marginally complex vulnerability issues.
Bachelor`s Degree with emphasis in Computer Science, Information Systems, or a related field, or equivalent combination of education and work experience.
Industry recognized certifications within the domain of information security, information technology and project management (e.g., CISSP, GIAC, ITIL, etc.) considered a plus and recognized as an indication of work experience.
Information Security Associate
Information Security Engineer Intermediate
Strong planning, problem solving, and organizational skills with the ability to handle multiple priorities (required).
Excellent oral and written communication skills, as well as the ability to convey technical and security related issues to business audience (required).
Strong motivation to expand and grow technical skill set (required).
Ability to work with a team as well as diverse workgroups on prevention, identification, and resolution of security problems (required).
Strong customer service orientation (required).
Fundamental knowledge of operating systems (Linux, Windows, iOS, Android, Unix variants), network intrusion protection and detection architectures, operating system vulnerabilities, vulnerability assessment and associated tools (preferred).
Knowledge of information security policies and procedures, industry best practices as well as various IT governance standards (NIST, COSO, ITIL, etc.) (preferred).