Cyber Security Analyst II/III

Federal Reserve Bank of Cleveland
Cleveland, OH
22 Jan 2025

Vacancy expired!

Company Federal Reserve Bank of Cleveland

The selected candidate will support the Cybersecurity Analytics Support Team (CAST) function by actively working with CAST personnel, supervisory staff and Board of Governors' staff concerning ongoing cyber incidents within supervised institutions as well as emerging threats potentially impacting the United States financial sector. This individual would have experience and/or expertise in multiple cybersecurity subject matter areas:•\tCybersecurity related frameworks such as NIST 800-53, NIST Cybersecurity Framework (CSF), IS 27001, MITRE ATT&CK, etc.•\tAssessing cybersecurity threats, vulnerabilities, and related exploitation activity: recommending related mitigations to manage risk to computing environments.•\tTracking and reporting on threat actor groups that potentially pose a threat to the United States financial sector.•\tCloud services and providers such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.•\tIncident management and response activities related to cybersecurity events.•\tSecurity architecture and design implementation to mitigate threats against confidentiality, integrity, and availability.

This position requires access to confidential supervisory information and/or FOMC information, which is limited to \"Protected Individuals\" as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, and U.S. permanent residents who either are not yet eligible to apply for naturalization or who have applied for naturalization within the requisite timeframe. Candidates who are not U.S. citizens or U.S. permanent residents may be eligible for the information access required for this position and sponsorship for a work visa, and subsequently for permanent residence, if they sign a declaration of intent to become a U.S. citizen and meet other eligibility requirements.

In addition, all candidates must undergo an enhanced background check and comply with all applicable information handling rules, and all non-U.S. citizens must sign a declaration of intent to become a U.S. citizen and pursue a path to citizenship.

Essential Accountabilities
  • Conducts analysis and interpreting of cybersecurity threat intelligence to identify trends and emerging risks.
  • Provide input and insight into response activities during cyber incidents to include best practices from regulatory bodies, cybersecurity organizations, and NIST.
  • Conducts formal assessments to determine the severity of reported cybersecurity incidents at financial institutions.
  • Prepares in written form research, analysis, and assessments for key internal stakeholders as needed or requested. Analysis supports recommendations regarding cybersecurity threats, threat vectors, threat actors and threat trends.
  • Demonstrates knowledge of cybersecurity threats within the broader financial sector and related industries.
  • Assist bank supervision examination teams, the central point of contact teams, and examiners-in-charge during active cybersecurity incidents at regulated banking/financial institutions.
  • Build and maintain relationships with central points of contact teams, examiners, and board staff across the Federal Reserve System.
  • Communicate appropriate information to the Supervision & Regulation staff at the Federal Reserve Bank and Board levels to maintain a comprehensive understanding of ongoing incidents and ensure appropriate steps are taken to isolate any potential residual effects from a cyber incident.
  • Participates in knowledge sharing forums related to key cybersecurity risks and emerging issues.
  • Participates in efforts to advance Reserve Bank or System strategic initiatives.
  • Provides leadership, coaching, and mentoring for less experienced analysts on processes and procedures related to internal matters and the supervisory process.
  • Weekend on-call support is part of the position on a rotating basis (generally once every 12 weeks)
  • Performs other duties as assigned or requested.

Education and Experience

ANALYST II: Bachelor's Degree in Computer Science, Management Information Systems, Intelligence or related field and 5+ years of related work experience required OR Two years of college and 7+ years of professional work experience.
  • Strong understanding of technology governance, technology risk management, internal audit, and vendor/third party risk management.
  • Knowledge of firewalls, intrusion prevention/detection systems, Linux, Windows, and Identity and Access Management concepts.
ANALYST III: Bachelor's Degree in Computer Science, Management Information Systems, Intelligence or related field and 7+ years of related work experience required OR Master's Degree and 5+ years of professional work experience.
  • Advanced ability to perform independent research and provide written reports summarizing findings and analysis
  • Intermediate knowledge of regulations, procedures, and practices of a specific discipline (e.g., bank examinations, information security, cyber intelligence)
  • Advanced problem solving and analytical thinking
  • Advanced specialized operational/technical skills in cyber intelligence and information security
  • Intermediate knowledge of Microsoft Office; general proficiency in Word, PowerPoint and Excel
  • Intermediate knowledge of project management
  • Intermediate ability to analyze information and demonstrate findings with written reports, data visualizations, graphs/charts, or presentations

Physical Demands and General Working Conditions

Traditional office environment: Employees typically sit most of the day, work with a computer and may answer/respond to phone calls. Physical movement consists of walking for meetings, breaks, etc. Ability to lift items weighing approximately 20 pounds on a limited basis is required. Addendum as needed: Employees may be required to travel by car/air.

Full Time / Part Time Full time

Regular / Temporary Regular

Job Exempt (Yes / No) Yes

Job Category Information Technology

Work Shift First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice
  • ID: #48734601
  • State: Ohio Cleveland 44102 Cleveland USA
  • City: Cleveland
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2023-01-22
  • Deadline: 2023-03-22
  • Category: Et cetera