Federal Reserve Bank of Kansas CityThis role is responsible for modernizing the methods and procedures for performing cybersecurity risk management and assessing cybersecurity risk. This involves assessing the current approach, data, and tools to identify gaps and enhancements. It requires strong partnerships with key stakeholders and business leaders, conveying cyber risk to them in a way that allows them to make risk informed decisions and improve the Organization’s security posture.
Key Activities:
Modernize the current approach to cybersecurity risk management and assessments
Research and evaluate methodologies and frameworks and subsequently apply them for use in the organization
Identify and implement risk quantification and scoring approaches within the organization
Develop reports and dashboards to illustrate the organization's risk posture
Ensure that cybersecurity risk is integrated with IT risk, and informs overall Enterprise risk
Meet with technical experts and business leaders to convey cybersecurity risk in a way they can understand
Research and identify options to establish a risk register
Perform in depth data analysis to identify patterns, trends, and areas of focus and priority
Qualifications:
Typically requires at least 6 years of relevant experience
Associate’s degree specializing in an information technology field from an accredited college or university or technical school, or equivalent combination of directly related education and/or experience. Bachelor’s degree preferred.
Information Security industry certification (SSCP, CISSP, GIAC, CISM, CISA, etc.) preferred.
SAFR Certification preferred
Strong knowledge of and experience applying cybersecurity risk frameworks and assessment methodologies; examples may include Factor Analysis of Information Risk (FAIR), NIST Cybersecurity Framework (CSF)
Experience with risk scoring methods and risk quantification
Experience with generating reports and dashboards to convey cybersecurity risk in a way that is easy to consume
Experience establishing or running an Enterprise cybersecurity risk management program
Experience with NIST SP 800-53 security standards
Strong skills and experience with data analysis
Ability to understand technical details of cybersecurity risk
Ability to communicate complicated technical risk scenarios to all levels of the organization
Demonstrate self-motivation and ability to perform work independently, and also collaborate in a team environment
Additional Information:
Location(s):
Hybrid –Yes, KC, Denver, Omaha or Oklahoma City offices
Remote Only Eligible – No
Pay Range:The starting pay range for this position is $89,800 to $160,200 for the job level(s) required for this position. Final offers are determined by factors including the candidate’s qualifications, internal alignment considerations, district assignment, and geographic location.
Screening Requirements: This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.
Sponsorship: Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.