As a Cyber Security Risk Assessor for NIRT’s SCA team, she or he will coordinate, lead, manage, and execute internal and outsourced SCA on Federal Reserve information system applications and infrastructure. The ideal candidate for this role will have the ability to blend and utilize their technical, organizational, business, and cyber security skill-sets.
What We Are Looking For in Candidates:
- 3+ years of experience working with security related concepts across different system tiers including applications, operating systems, databases, and network and communication protocols.
- Experience with risk-based control assessment methodologies.
- CISSP certified or the ability to work towards obtaining the certification.
- Demonstrated ability to lead multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment.
- Knowledge of threat modeling techniques and methodologies.
- Experience developing assessment reports that effectively and concisely communicate results and risks to a variety of stakeholders.
- Excellent interpersonal, communication (written and verbal), organizational, and analytical skills.
- Excellent consultative skills and the proven ability to work effectively with business partners, internal management and staff, vendors and consultants.
- Proven ability to communicate technical issues to technical and non-technical, business partners.
- Experience leading or assisting with security risk assessments or cyber security related initiatives/projects.
- Strong project management skills with experience managing a portfolio of engagements.
- Demonstrated ability to serve as risk assessment Subject Matter Expert.
Preferred Qualifications and Skills (Plus Required Qualifications and Skills above):
- 5+ years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
- Expert knowledge of NIST SP 800-53 and experience executing assessments against it.
- Familiarity with FISMA, FedRAMP, and other NIST 800 publications.
- Experience with MS Project or other project management tools.
- CCSK/CCSP, PMP and/or CISA certifications.
- Knowledge of the roles and responsibilities of the Federal Reserve’s IT organizations, National Information Technology Operations (NITOs), and other FRS support organizations.
- Broad understanding of the FRS’ businesses and business goals.