Information Security Manager & ISSO at Federal Reserve Bank (FRB)

Posted in Information Technology 13 days ago.

Type: Full-Time
Location: Minneapolis, Minnesota





Job Description:

Company

Federal Reserve Bank of Minneapolis

The Federal Reserve Bank of Minneapolis is looking for an experienced Information Security Manager to support the Bank in its role as a Fiscal Agent for the Department of Treasury and the Bureau of the Fiscal Service.

In this role, you will lead a small team of security professionals and will serve as the Information System Security Officer (ISSO) for a cloud-based financial system. As ISSO, you will ensure that all relevant IT security requirements prescribed by the Federal Reserve and Fiscal Service are implemented and maintained throughout the lifecycle of the information system. Ideal candidates will have previous experience with NIST-based information security control and risk management frameworks as well as a commitment to delivering high-quality, prompt, and efficient services to stakeholders.

Must be a U.S. citizen or lawful permanent resident alien with at least three (3) years of legal residency. This position does not offer employment-based visa sponsorship.

The Minneapolis Fed believes in flexibility to balance the demands of work and life while also recognizing the necessity of connecting and collaborating with our colleagues in person. Onsite work is an essential function of this position, and you are expected to be in the office two (2) days per week for meetings and team collaboration.

Responsibilities: 


  • Execute the full cycle of employment matters, including but not limited to those involving hiring, retention and performance optimization, salary recommendations, and decisions related to the termination of employment, as well as the documentation of these matters. 


  • Develop and evaluate the performance of staff, which includes managing staff to identify developmental assignments and training opportunities, working with individuals on their career goals, delegating responsibilities, providing feedback, and evaluating performance on any of the preceding duties.   


  • Establish objectives and key results for the team and adjust direction as needed to respond to organizational strategies and priorities.


  • Serve as the principal advisor to the System Owner, Authorizing Official, and Chief Information Security Officer (CISO) on all matters (technical and otherwise) involving security of assigned system(s) and/or service(s).


  • Ensure necessary governance documentation (e.g., business case, technical addendum, Security Impact Analysis – SIA, Classification and Determinations Memo – CDM, etc.), reviews, approvals, and agreements for system(s) and/or service(s) are in place and kept up to date. 


  • Ensure that management, operational, and technical security controls (inherited and system specific) are managed throughout the system development life cycle.


  • Maintain an Ongoing Authorization to Operate (ATO) for assigned system(s) or an Ongoing Authority to Use (ATU) for assigned service(s) consistent with applicable policy, standards, procedures, and guidelines. 


  • Execute ongoing or operational information security continuous monitoring activities per defined frequency and processes to identify, report, mitigate, and manage risks to maintain the overall security posture and support ongoing authorization decisions.


  • Ensure that all data, privacy, records management, and other applicable requirements for the protection of sensitive and mission critical information within the assigned system(s) and/or service(s) are being met and followed.                                                       


  • Ensure security incidents are promptly reported. Perform notification for any suspected security incidents in a timely manner and assist in the investigation of incidents if requested.


  • Ensure responses to cyber security related data calls and audit requests are completed by the specified due dates.


  • Maintain a high level of technical, operational, and cybersecurity knowledge including completing specialized training on an annual basis.   


  • Represent the Bank at all levels across the System including participating and/or leading security-focused workgroups at the System Level. Influence decisions and strategic initiatives through this participation and translate relevant activities into concrete action plans for the Bank. 


Qualifications: 


  • Bachelor’s degree in information systems, computer science, or a related field with a minimum of (8) eight years of broad technical experience, with at least (5) five years in an information security role and at least (2) two years of direct supervision and people leadership responsibilities OR Master’s degree in information systems, computer science, or a related field with a minimum of (6) eight years of broad technical experience, with at least (5) five years in an information security role and at least (2) two years of direct supervision and people leadership responsibilities.


  • Must have knowledge of, and experience with, the NIST 800 series publications including: 800-30, 800-37, 800-53, 800-53A, 800-60.


  • Previous experience working in Federal IT Security and/or experience performing the duties of an Information System Security Officer (ISSO) is preferred. 


  • Working knowledge and experience designing, implementing, or supporting security controls or operational security support systems.


  • Knowledge of common threats, vulnerabilities, and exploits with equivalent understanding of mitigating controls and response techniques or processes.


  • Experience leading or supporting development, documentation and maintenance of security policies, processes, or procedures.


  • Working knowledge of the methodologies to conduct threat-modeling exercises on cloud-based applications and services.


  • Working knowledge and experience with cloud architectures and shared responsibility security models, with the ability to address the unique security considerations of cloud-based applications.


  • Working knowledge of modern development and deployment workflows with experience securing CI/CD pipelines. 


  • Excellent written and verbal communication skills with the ability to communicate information security and risk-related concepts to technical and non-technical audiences across all levels of the organization.


  • Ability to motivate, develop and lead a diverse team through collaboration and consensus to reinforce a culture of service, accountability, and innovation.


  • Ability to handle sensitive and confidential matters. 


  • Highly effective organization, time management, and prioritization skills with an aptitude for breaking down work into manageable parts while effectively assessing the priority and time required to complete each part.


  • Commitment to delivering a great customer experience with a personal and professional value system consistent with the culture and values of the Bank and the Federal Reserve System. 


  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) or other similar credentials. 


Additional Information:

Salary Range: $135,000 - $168,749 - $202,500 Annually.

Salary offer will be based on qualifications/experience of the candidate, alignment with market data, the needs of the position, our total compensation package, and internal equity.   

Our total rewards program offers benefits that are the best fit for you at every stage of your career: 


  • Comprehensive healthcare options (Medical, Dental, and Vision) 


  • 401(k) match, and a fully funded pension plan


  • Paid time off and holidays 


  • Free public transportation passes 


  • Annual educational assistance 


  • On-site fitness facility  


  • Professional development programs, training, and conferences 


  • And more…

Other Conditions Required:  

For positions in Information Technology that support Treasury Services: The United States Treasury Department (Treasury) has imposed citizenship requirements for certain positions that support the Reserve Banks' Treasury fiscal agency functions and/or spend time working on Treasury security sensitive matters. These positions have been risk rated by Treasury and incumbents must meet the corresponding citizenship requirements of the rating and provide acceptable documentation evidencing such. This Information Technology position provides access to Treasury security sensitive matters, is risk rated HIGH, and as such requires the incumbent be a U.S. citizen.

The Minneapolis Fed is committed to developing a diverse workforce and providing an inclusive environment where all employees are respected and valued. We believe that we can foster development opportunities for all and reach our full potential by recognizing the unique experiences and identities of each of our colleagues. From economists to cash specialists, we work together to represent you in our economy.

Full Time / Part Time: Full time

Regular / Temporary: Regular

Job Exempt (Yes / No): Yes

Job Category: Information Technology

Work Shift: First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
