Job Summary: This position is responsible for providing information security guidance and contributing top level technical expertise for all phases of analysis, design, development, and implementation for enterprise-wide technology initiatives. The architect is expected to evaluate various technical solutions, make recommendations, lead discussions on cyber security topics with external audiences and assist with the development and implementation of solutions from an information security perspective. This position also provides District level consulting support and guidance on Federal Reserve System on technology initiatives as they relate to local information security operations/mission, and is knowledgeable in the principal technologies of the department's mission.
Principal Accountabilities: • Work with application development and project management teams to provide security direction and make recommendations regarding security controls for new and existing business software on a diverse set of technical platforms. • Lead discussions and present to both internal and external audiences on cyber security topics • Consult on the design and deployment of cloud services • Contribute to general business planning regarding technology and systems required to maintain the security posture of both the department and the Boston Reserve Bank. • Conduct information security assessments of software, internal systems and systems supplied by third parties • Recognize new developments in information security/systems technology, and anticipate organizational modifications. • Contribute to the establishment of long-term needs for technology related to the department's mission, and plan strategy for developing systems and acquiring hardware to meet those needs. • Serve as the project manager for Information Security consulting and engineering projects.
Other Accountabilities: Perform other duties as assigned.
Supervision: This position is not required to directly supervise others.
Knowledge and Experience: Knowledge and experience normally acquired through, or equivalent to, the completion of a Master's degree and a minimum of 5-7 years of job-related experience. • Position requires demonstrated success with planning and integrating information security solutions (cloud hosted and on-premises), developing and implementing security policy, and developing new/leveraging existing technology solutions to provide enhanced business intelligence in support of information security • A proven ability to present technical and non-technical concepts to audiences at all levels of an organization • Extensive experience applying risk management frameworks such as NIST, FISMA, or ISO 27000 • A deep understanding of information security, identity and access management and networking fundamentals (experience using IAM and network monitoring technologies preferred) • Comprehensive knowledge of DevOps and ability to perform code reviews (some application development experience preferred) • A proven ability to understand new or emerging technologies (e.g. Blockchain, machine learning, robotic process automation) and effectively consult on the ramifications of their use • Knowledge of third party lifecycle management and vendor risk management methodologies, including associated regulatory and industry guidance • Scripting skills preferred • This position also requires a CISSP or equivalent certification and the ability to obtain a security clearance.
The Federal Reserve Bank of Boston is committed to a diverse and inclusive workplace and to provide equal employment opportunities to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years.
The above statements are intended to describe the general nature, level of work and the requirements of this position. They are not intended to be an exhaustive list of all duties and responsibilities associated with this position or the personnel so classified. While this job description is intended to be an accurate reflection of this position, management reserves the right to revise this or any job description at its discretion at any time.
