Cybersecurity Examiner – Federal Reserve Bank of New York New York NY
About the job
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. It is a challenge that demands the skills of a financial service professional and the intelligence an academic—all combined with a passion for public service.
What We Do
The Financial Market Infrastructure Function in the Supervision Group examines systemically important Financial Market Utilities (FMU) and Service Providers (SP) domiciled in the Tri-state region. The FMU Risk team is one of five supervisory teams in the Function; its core mission is to identify and assess the effectiveness of supervised entities’ management of information technology, cybersecurity, operational and model risks, and develop cross-institutional perspectives on sound risk management practices in these risk disciplines.
Your Role As a Cybersecurity Examiner
You will conduct cybersecurity examinations for FMUs and SPs under our supervisory authority, and serve as a Federal Reserve System (FRS) cybersecurity expert. Given the complexity and systemic importance of the institutions we oversee, your work will involve close attention to firm-wide IT risk management practices. The responsibilities of the position include assessing FMU/SP cybersecurity risk management programs and associated management information systems for safety and soundness, and compliance with applicable banking laws, regulations, and policy statements. Your work will require close collaboration with different supervisory teams on examinations of information security and cybersecurity, including assessing operational resiliency and third-party risk management.
- Lead or participate on cybersecurity examinations and cross-firm horizontal reviews.
- Validate remediation of previously identified supervisory findings.
- Prepare informative, well-supported supervisory products and work papers.
- Perform monitoring across the FMU/SSP portfolio to understand micro (institution specific), horizontal (industry wide/peer), and macro (financial system) cybersecurity risks.
- Contribute to cross-firms and firm-specific supervisory analyses and products (e.g., annual assessments).
- Help develop supervisory plans for risk-based supervision factoring in the size and complexity of each firm.
- Prepare and provide written analyses and presentations on firm specific cybersecurity risks and industry trends.
- Develop and maintain ongoing relationships with supervisory personnel across the FRS and other regulatory agencies (SEC, CFTC, OCC, FDIC), and senior management at supervised entities to ensure strong lines of communication exist to convey supervisory expectations.
- Contribute to FRS cybersecurity programs related to development of policy statements for supervision of FMU/SSP.
- Maintain knowledge of the latest technologies, threats/vulnerabilities and risk management practices/techniques and its effects to the FMU and SSP ecosystem.
What we are looking for:
- 3+ years of direct work experience with auditing or managing security and technical controls using industry standard frameworks such as FFIEC, NIST, SANS, and ISO.
- Bachelor’s degree in computer science or related fields (e.g., cybersecurity, information technology, information systems, computer engineering)
- Familiarity with information/cybersecurity programs to provide advice on institutions’ ability to identify, protect, respond, and recover from a cybersecurity incident.
- Strong analytical, written and oral communication skills.
- Experience communicating cybersecurity risks and concepts to non-technical audiences and senior management.
- Strong collaborator with experience working with multiple teams and partners.
- Expertise to analyze threat intelligence reports to identify vulnerabilities and assess firms’ capability to minimize their exploitation with potential impact to the financial services industry.
- Some experience dealing with different levels of management, boards of directors and regulatory agencies.
- An industry recognized information security certification (e.g., CISSP, CISA, Cloud Cert or vendor certifications) or interest in pursuing any of the listed certifications.
Need to Boost Your Credentials?
Need Security Training? Certifications at Your Own Pace
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Our organization offers benefits that are the best fit for you at every stage of your career:
- Fully paid Pension plan and 401k with Generous Match
- Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
- Subsidized Public Transportation Program
- Tuition Assistance Program
- Onsite Fitness & Wellness Center
- Flexible Work Arrangements
- And more
Please note that the position requires access to confidential supervisory information and/or FOMC information, which is limited to “Protected Individuals” as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, and U.S. permanent residents who either are not yet eligible to apply for naturalization or who have applied for naturalization within the requisite timeframe. Candidates who are permanent residents may be eligible for the information access required for this position if they sign a declaration of intent to become a U.S. citizen and pursue a path to citizenship and meet other eligibility requirements.
In addition, all candidates who do not currently possess a Level 2 clearance or higher must undergo an enhanced background check, comply with all applicable information handling rules, and will be tested for all controlled substances prohibited by federal law, to include marijuana.
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.
Federal Reserve Bank of New York
Primary Location: NY-New York City
Full-time / Part-time: Full-time
Employee Status: Regular
Overtime Status: Exempt
Job Type: Experienced
Travel: Yes, 15 % of the Time
Shift: Day Job