.. Hospice Certification benefit and salary increase Merit Increases Employee Discount Programs What You’ll Do: Giving personal care including baths, back rubs, oral hygiene, shampoos and changing bed linens Assisting in dressing and undressing patients Planning and preparing nutritious meals, including .. read more
Company Federal Reserve Bank of Kansas CityThe Federal Reserve Bank of Kansas City is seeking an Information Security Specialist to provide security risk monitoring, analysis, and ongoing assurance activities. Responsibilities include enabling and facilitating an understanding and of the Federal Reserve System information security policies and related requirements. They also take organizational practices and align these practices with security industry best practices. You will be involved in a mixture of project work and operational services, including consulting and subject matter expertise to internal information technology (IT) and business customers.
Candidates with expertise in NIST 800-53, Artificial Intelligence, or FAIR risk assessment methodologies will be highly fulfilled in this role.
Key Activities
: Develops and
maintains
the information security posture (rules, controls, security safeguards, etc.) to protect the Bank's information assets.
Analyzes, documents, and communicates risks using the
Security Assurance for the Federal Reserve (
SAFR
)
risk management process.
Plans, develops, and delivers initiatives that promote sound cyber security practices to include creation and delivery of training (general, business-specific, etc.). Evaluates programs for effectiveness and improvement.
Analyzes the results of assessments, compliance activities, etc.
,
then
reports on
the
results
and p
rovides remediation recommendations.
Determines
asset risk level
s
, coordinates the development of a security plan
s
, and generates a security package
s
.
Reports on compliance and
policy
exceptions. Maintains non-compliance
risk acceptance
review
s
and
facilitates
an
approval process; provides recommendations on non-compliance situations
and
monitors
their delivery.
Provides input to the
NIST
Risk Management Framework (RMF) process activities and related documentation
such as
system lifecycle support plans, operational procedures, training materials, etc.
Participates in supplier assessments
such as
third-party
vendors, cloud services, etc.
by evaluating responses against required controls to
identify
gaps.
Assist
with information risk management services including risk assessments (SAFR) for new and existing Information Technology (IT) automation products and projects.
Enforces information security policies and procedures by creating security reports; reviews information security policy documentation; and investigates
possible security
exceptions.
Defines and
maintains
information security non-compliance (
risk acceptance
) review and approval processes; provides recommendations on information security noncompliance situations.
Assists
in department self-audit, internal audit, external audit reviews, and risk assessments for the department and for end user departments.
Provides guidance and training to less experienced staff performing various activities.
Assists
with the
s
ecurity
c
ommunication
s
,
e
ducation
and
o
utreach program
s
. Helps plan, develop, and deliver initiatives that promote sound information security practices including
the
creation and delivery of specialized business
-
specific security awareness training.
May
participate
in
organization-wide
and/or local workgroups to
identify
security issues and vulnerabilities, assess risks, and
determine
feasible
alternatives and costs.
Qualifications: Typically requires at least
3
years of relevant IT experience.
High school education or GED. Associate's degree specializing in an information technology field from an accredited college or university or technical school, or equivalent combination of directly related education and/or experience preferred.
Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security and others are preferred.
Experience leading or
assisting
with cyber security risk assessments or cyber security related
initiatives
/projects.
Experience with risk-based control assessment methodologies.
Experience developing assessment reports that effectively and concisely communicate results and risks to a variety of stakeholders.
Familiarity with
Federal Information Security Modernization Act (
FISMA
)
, FedRAMP, and other NIST 800 publications.
Demonstrated ability to lead multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment.
Excellent interpersonal,
communication, organizational, and analytical skills.
Excellent consultative skills and the proven ability to work effectively with business partners, internal management and staff, vendors, and consultants.
Works under direction; follows established methods and policy. Makes decisions when general instructions or established methods
indicate
an action to be taken.
Location(s) : Hybrid - Kansas City, Denver, Omaha, Oklahoma City
Remote Eligible - No
Screening Requirements : This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.
United States citizenship is
required
for this position.
Sponsorship : Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
About Us: Total Rewards & Benefits
Diversity, Equity & Inclusion
Who We Are
What We Do
Follow us on
LinkedIn , Instagram,
X (formerly Twitter) , and
YouTube Full Time / Part Time Full time Regular / Temporary Regular Job Exempt (Yes / No) Yes Job Category Information Technology Work Shift First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Privacy Notice
Helping diverse candidates find great careers is our goal. The information you provide here is secure and confidential. We are now directing you to the original job posting. Please apply directly for this job at the employer’s website.
#J-18808-Ljbffr
Candidates with expertise in NIST 800-53, Artificial Intelligence, or FAIR risk assessment methodologies will be highly fulfilled in this role.
Key Activities
: Develops and
maintains
the information security posture (rules, controls, security safeguards, etc.) to protect the Bank's information assets.
Analyzes, documents, and communicates risks using the
Security Assurance for the Federal Reserve (
SAFR
)
risk management process.
Plans, develops, and delivers initiatives that promote sound cyber security practices to include creation and delivery of training (general, business-specific, etc.). Evaluates programs for effectiveness and improvement.
Analyzes the results of assessments, compliance activities, etc.
,
then
reports on
the
results
and p
rovides remediation recommendations.
Determines
asset risk level
s
, coordinates the development of a security plan
s
, and generates a security package
s
.
Reports on compliance and
policy
exceptions. Maintains non-compliance
risk acceptance
review
s
and
facilitates
an
approval process; provides recommendations on non-compliance situations
and
monitors
their delivery.
Provides input to the
NIST
Risk Management Framework (RMF) process activities and related documentation
such as
system lifecycle support plans, operational procedures, training materials, etc.
Participates in supplier assessments
such as
third-party
vendors, cloud services, etc.
by evaluating responses against required controls to
identify
gaps.
Assist
with information risk management services including risk assessments (SAFR) for new and existing Information Technology (IT) automation products and projects.
Enforces information security policies and procedures by creating security reports; reviews information security policy documentation; and investigates
possible security
exceptions.
Defines and
maintains
information security non-compliance (
risk acceptance
) review and approval processes; provides recommendations on information security noncompliance situations.
Assists
in department self-audit, internal audit, external audit reviews, and risk assessments for the department and for end user departments.
Provides guidance and training to less experienced staff performing various activities.
Assists
with the
s
ecurity
c
ommunication
s
,
e
ducation
and
o
utreach program
s
. Helps plan, develop, and deliver initiatives that promote sound information security practices including
the
creation and delivery of specialized business
-
specific security awareness training.
May
participate
in
organization-wide
and/or local workgroups to
identify
security issues and vulnerabilities, assess risks, and
determine
feasible
alternatives and costs.
Qualifications: Typically requires at least
3
years of relevant IT experience.
High school education or GED. Associate's degree specializing in an information technology field from an accredited college or university or technical school, or equivalent combination of directly related education and/or experience preferred.
Industry recognized security certifications such as CISSP, CISM, CISA, AWS Security and others are preferred.
Experience leading or
assisting
with cyber security risk assessments or cyber security related
initiatives
/projects.
Experience with risk-based control assessment methodologies.
Experience developing assessment reports that effectively and concisely communicate results and risks to a variety of stakeholders.
Familiarity with
Federal Information Security Modernization Act (
FISMA
)
, FedRAMP, and other NIST 800 publications.
Demonstrated ability to lead multiple projects simultaneously and to work in a highly dynamic, rapidly changing environment.
Excellent interpersonal,
communication, organizational, and analytical skills.
Excellent consultative skills and the proven ability to work effectively with business partners, internal management and staff, vendors, and consultants.
Works under direction; follows established methods and policy. Makes decisions when general instructions or established methods
indicate
an action to be taken.
Location(s) : Hybrid - Kansas City, Denver, Omaha, Oklahoma City
Remote Eligible - No
Screening Requirements : This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks.
United States citizenship is
required
for this position.
Sponsorship : Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.
About Us: Total Rewards & Benefits
Diversity, Equity & Inclusion
Who We Are
What We Do
Follow us on
LinkedIn , Instagram,
X (formerly Twitter) , and
YouTube Full Time / Part Time Full time Regular / Temporary Regular Job Exempt (Yes / No) Yes Job Category Information Technology Work Shift First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Privacy Notice
Helping diverse candidates find great careers is our goal. The information you provide here is secure and confidential. We are now directing you to the original job posting. Please apply directly for this job at the employer’s website.
#J-18808-Ljbffr