Senior Information Security Engineer

Company
Federal Reserve Bank of Chicago
The Federal Reserve Bank of Chicago is one of 12 regional Reserve Banks that, along with the Board of Governors in Washington, D.C., make up our nation's central bank. Our work promotes a safe, sound, and stable financial system which fosters an economy that works for everyone, so people can find jobs and prices remain stable.
Together, we serve in an innovative environment that values our employees and applies the highest ethical standards. Our culture is deeply rooted in our service to our nation and our organizational values of integrity, service, innovation, inclusion, growth, and development. As an employee with us, you'll find support to grow amongst a diverse team, while feeling united by our clear and common purpose.
About FRFS
The Federal Reserve Financial Services (FRFS) enterprise delivers a suite of payments services to financial institutions via FedLine® Solutions, Fedwire®, National Settlement Service (NSS), FedCash®, FedACH® (Automated Clearing House), and Check Services.
The Customer Operations and Security team is responsible for the security of the FRFS aggregate infrastructure and production operating environment, including customer (e.g., depository institution) security. Our work spans incident response for customer security events, threat landscape and intel gathering, insider risk management, vulnerability management and technical currency coordination, and end-to-end observability of key security events across the FRFS infrastructure. This team builds and runs the real-time "common operating picture" capability for security end-to-end from the customer to the FRS.
The Senior Information Security Engineer role includes the following responsibilities:

• Manages and maintains the organization's vulnerability management program, including but not limited to:
  • compiling metrics and performance across the enterprise and its products;
  • improving and maintaining processes to categorize vulnerabilities and route to appropriate implementation teams for resolution;
  • supporting FRFS cyber risk assessment, evaluation and tolerance processes;
  • tracking and ongoing reporting of key performance and risk indicators;
  • serving as a liaison between FRFS IS and other key internal and external stakeholders (i.e., FRFS Enterprise Risk, FRFS Resiliency, auditors, and external customers and Financial Services industry partners, etc.).
• Establishes and maintains end-to-end observability processes and improvements, including but not limited to:
  • defining key alerts and monitors in centralized tools to support an effective incident response process;
  • ensuring effective monitoring to support a robust end-to-end security posture;
  • collaborating with other shared services teams to bring the vision to reality in iterative and incremental fashion.
• Key participant in cyber incident response processes and maintainer of associated processes and procedures.
• Maintains relationships with business areas that interact with FRFS, District, and National governance processes in a moderately complex manner on a regular basis.
• Supports the collection and tracking of cybersecurity and threat intelligence information via open-source and private partnerships.

The primary desired work location for this position is Chicago, Kansas City, or New York, but candidates that live anywhere in the continental US will be considered. The level of work required is considered intermediate to advanced and staff must be able to work under general to limited supervision. This job does not have any direct reports.
This position is full time in the office with flexibility and may require you to travel as much as 10% of the time.
Your Background:

• Experience supporting agile processes utilizing DevSecOps frameworks
• Experience in end-to-end monitoring and alerting solutions, SIEMs, and equivalent technologies in support of anomalous activity monitoring/escalation/triage.
  • Familiarity with Splunk, DataDog, and related SIEM tools.
  • Familiarity with contemporary scripting tools such as Powershell, Unix shells, etc.
  • Familiarity with security orchestration and data transformation processes
• Experience supporting cyber incident response activities.
• Experience collaborating with senior management to define, track and manage key risk indicators (KRIs) used to assess security and operational posture.
• Experience collaborating in cross-functional teams to implement industry best practices such as least-privilege enforcement, infrastructure segmentation, DNSSEC, and zero trust architecture.
• Experience supporting open-source intel gathering and socialization to ensure situational awareness of key threats facing private and public organizations and the financial services industry.
• Familiarity with cryptographic and public key technologies including, but not limited to, TLS, PKI, Multi-factor Authentication solutions, RSA, and Elliptic Curve Cryptography.
• Familiarity in low-code/no-code workflow solutions and application lifecycle management solutions.
• Bachelor's degree in computer science, information systems, business, or a related field; or the equivalent combination of education and experience.
• 3+ years of demonstrated experience in program management, workflow automation, and/or incident response within an IT enterprise.
• Strong oral and written communication skills to support engagement across technical and business stakeholders.
• Learning mindset geared toward innovation and creativity for applying technology capabilities in new ways, necessary for both the delivery of effective technology and business solutions.
• Existing SECRET security clearance or must meet eligibility requirements to apply for clearance.

What we offer

• Comprehensive benefits package include medical, dental, vision, prescription drug coverage, 401k savings plan, retirement plan, paid time off, transit benefit, onsite gym and subsidized cafeteria
• A continuous learning environment with opportunities to gain new skills and grow your career
• The Chicago Fed offers benefits to support overall health and financial security. Learn more about our benefits here: https://www.chicagofed.org/careers/thebenefits

Other Requirements

• Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
• This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take approximately two months to be completed. The screening covers areas such as education/employment verification, criminal history, credit history, and reaches out to your references and people that know you well.
• As a condition of employment, Federal Reserve Bank of Chicago employees must comply with the Bank's ethics rules, which generally prohibit employees, their spouses/domestic partners, and minor children from owning securities, such as stock, of banks or savings associations or their affiliates, such as bank holding companies and savings and loan holding companies. If you or your spouse/domestic partner or minor child own such securities and would not be willing or able to divest them if you accepted an offer of Bank employment, you should raise this issue with the recruiter for this posting, who can provide you contact information for our ethics official if necessary.

The expected starting salary range for this position is between $140,500 and $166,200 annually in addition to annual performance-based discretionary bonuses. Final salary and offer will be determined based on the applicant's relevant experience, skills, internal equity, and alignment with geographic and other market data.
Always verify and apply to jobs on Federal Reserve System Careers or through verified Federal Reserve Bank social media channels.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Information Technology Family Group
Work Shift
First (United States of America)
The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.
Privacy Notice