Full Job Description
Cyber Security Business Expert-264961
Federal Reserve Bank of New York
Primary Location NY-New York City
Full-time / Part-time Full-time
Employee Status Regular
Overtime Status Exempt
Job Type Experienced
Travel Yes, 10 % of the Time
Shift Day Job
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. It is a challenge that demands the skills of a financial service professional and the intelligence of an academic—all combined with a passion for public service.
What we do:
Information Security New York (ISNY) develops, executes, and maintains an information security program that promotes resiliency by identifying and mitigating cyber threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.
The Cyber Security Business Expert (CSBE) role will partner with several Groups as an information security enterprise 1st line of defense to reduce cyber risks across end-to-end business activities, achieving outcomes and “moving the needle on security”. The CSBE ensures that compensating controls are horizontally implemented across SAFR boundaries and Group boundaries from an end-to-end risk view. This role is embedded in the business to become an expert on the Corporate and Core business processes, information assets, applications and systems with a long-term threat horizon focus to anticipate new attack vectors, threat actor tactics, and cyber security trends and new capabilities directly linked to the Bank’s principal business activities.
Your role as Cyber Security Business Expert:
Serve as the 1st line of defense cyber risk mitigation in the Corporate and Core Groups of the Bank to find and address cyber risks by designing and supporting the implementation of additional compensating controls in partnership with the business and national technology team
Partner with the business on all new technology-related and new business process-related programs to "build security in" from the beginning, applying security controls standards.
Partner with the business to develop long-term plans to address the cybersecurity challenges and changes across the Bank’s Groups
Assess cyber risks to the business by linking cyber threat intelligence with business information assets, technology assets, business processes to determine the inherent and residual risks for the Bank.
Lead the partnership with the business to enrich cyber threat intelligence to answer the "so what?" question and make the intelligence more applicable (i.e., contextualized to the business operating environment).
Partner with ISNY's Risk Identification Team and the business in the development of cyber residual risk thresholds for all of the cyber risk scenarios aligned to the Corporate and Core Groups, partnering to cascade the risk tolerance to the business.
Lead the cyber risk governance decision-making process with the impacted Group(s) whenever the cyber risk KRI's exceed the residual risk thresholds in one or more cyber risk scenarios.
Partner with departments to advocate cybersecurity best practices, and procedures with external partner organizations to reduce cyber threats.
Establish relationships with information security organizations, peer institutions, government groups, and cybersecurity forums to exchange ideas, techniques and trends, and best practices that can be assessed and adopted by the Bank.
Monitor the external cyber threat landscape for the business. Assess new threat actor tactics and techniques, along with technology trends, to better understand the future impact on cyber risk.
What we are looking for:
Bachelor's degree required in IT related field, Computer Science preferred.
10+ years of relevant work experience preferred.
Possession of, or the ability to obtain, a U.S. Government Security Clearance, which includes U.S. Citizenship.
In-depth understanding of the cyber threat landscape.
Prior hands-on cyber security experience in multiple domains
Excellent Business Analysis and problem-solving skills
Our organization offers benefits that are the best fit for you at every stage of your career:
Fully paid Pension plan and 401k with Generous Match
Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
Subsidized Public Transportation Program
Tuition Assistance Program
Onsite Fitness & Wellness Center
Flexible Work Arrangements
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.