Federal Reserve Bank of Kansas City
Info Security Analyst/Specialist/Engineer - Threat & Vulnerability Management & Incident Response','254365','Federal Reserve Bank of Atlanta','GA-Atlanta','','Full-time','Regular','Non-exempt','Non-exempt','Entry Level Job Type','','','No','Day Job','','','Tier II - No Credit Check','Tier II - No Credit Check','','','','!*!Position Summary:
Under moderate supervision, contributes to a comprehensive information security strategy. Serves as a point of contact on matters of information security incident response, threat management, policy, risk assessment, and compliance. Represents the Information Security Department in client interactions and recognizes opportunities to improve the user experience. Partners with business clients to assess risk and recommend solutions to facilitate secure business. Identifies process improvements and remains abreast of advancements that address emerging business and environmental factors impacting assurance levels. Generally operates in one area including threat management, incident response or compliance.
Serves as a customer support representative for the Information Security Department. Provides client security support and recognizes opportunities to optimize the use of technology to improve the customer experience. Resolves customer security issues and addresses system/service requests. Consults with information security colleagues and business clients on information security requirements, compliance responsibilities and methods to protect Bank resources and sensitive information. Utilizes security processes, procedures and tools to meet the Bank's security requirements as defined in approved security frameworks.
Reviews security policies and procedures and recommends methods to comply with security requirements.
Participates in security incident operations, including after-hours response activities, event escalation coverage, and incident reporting. Contributes to and participates in security incident plan exercises. Identifies, investigates and escalates information security incidents on the district network.
Contributes to a comprehensive, business aligned threat and vulnerability management program. Participates in threat modeling and analysis activities of business processes and current/potential IT solutions. Contributes to recommendations for business partners to remediate vulnerabilities, institute compensating controls or request risk acceptance decisions. Tracks metrics and measures to substantiate efficacy of the program.
Works with information system owners to categorize systems; select, implement and assess controls; and frame, assess, respond and monitor risk to the business. Maintains risk and vulnerability management records.
Reviews internal, government, academic and commercial sources of information to anticipate new security requirements and identify advancement in best practices. Understands local policies, standards, guidelines and procedures to supplement enterprise security frameworks. Contributes to reports on security status and contributes to security breach reporting activities. Communicates security threats, policies, standards and guidelines in clear terms to non-technical personnel.
Vulnerability Management - Scan, report and aid others in meeting patching/remediation targets for networks, OS and web application components.
Agent Health - Monitor the health of endpoint security technologies (Antivirus, Logging, DLP, etc.).Troubleshoot, report and pursue remediation of issues.
Data Loss Prevention (DLP) - Review events daily and follow up with leaders as needed to determine if an unauthorized loss of data has occurred. Frequent need to evaluate risk and communicate those clearly with leaders throughout the organization.
Security Awareness -Assist in developing the content of various security awareness training efforts. Track and measure success.
Incident Detection and Response - Work with the team to fill local incident detection and response needs.
Technical Associate’s Degree or 2 years equivalent experience
Less than two years
Knowledge Area/Technical Skills/Certifications and Licenses:
Info Security Frameworks
Product Testing & Evaluation
Vulnerability Management Tools
SIEM Tool Experience
GCIA / GSEC
This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change (e.g. emergencies, rush jobs, change in workload or technological developments).
The Federal Reserve Bank of Atlanta is an equal opportunity employer. ','','Info Security Analyst/Specialist/Engineer - Threat & Vulnerability Management & Incident Response
Federal Reserve Bank of Kansas City
Website : https://www.kansascityfed.org/
The Federal Reserve was established by Congress and signed by President Woodrow Wilson in 1913. It was preceded by financial panics, bank failures and business bankruptcies that severely disrupted the economy. There were two prior attempts at establishing central banks.