Senior Product Security Engineer developing security solutions for cloud and CI/CD platforms. Focusing on implementing security controls and mitigating systemic risks in multi - cloud environments.
About the role
- Manage vulnerability management program at the Federal Reserve Bank of Chicago. Collaborate on security observability processes and participate in cyber incident response activities.
Responsibilities
- Manages and maintains the organization’s vulnerability management program, compiling metrics and performance across the enterprise and its products;
- Improving and maintaining processes to categorize vulnerabilities and route to appropriate implementation teams for resolution;
- Supporting FRFS cyber risk assessment, evaluation and tolerance processes;
- Tracking and ongoing reporting of key performance and risk indicators;
- Serving as a liaison between FRFS IS and other key internal and external stakeholders.
- Establishes and maintains end-to-end observability processes and improvements, defining key alerts and monitors to support an effective incident response process;
- Collaborating with other shared services teams to bring the vision to reality in iterative and incremental fashion.
- Key participant in cyber incident response processes and maintainer of associated processes and procedures.
- Maintains relationships with business areas that interact with FRFS, District, and National governance processes.
- Supports the collection and tracking of cybersecurity and threat intelligence information via open-source and private partnerships.
Requirements
- Bachelor's degree in computer science, information systems, business, or a related field; or the equivalent combination of education and experience.
- 3+ years of demonstrated experience in program management, workflow automation, and/or incident response within an IT enterprise.
- Experience supporting agile processes utilizing DevSecOps frameworks.
- Experience in end-to-end monitoring and alerting solutions, SIEMs, and equivalent technologies in support of anomalous activity monitoring/escalation/triage.
- Familiarity with Splunk, DataDog, and related SIEM tools.
- Familiarity with contemporary scripting tools such as Powershell, Unix shells, etc.
- Familiarity with security orchestration and data transformation processes.
- Experience supporting cyber incident response activities.
- Experience collaborating with senior management to define, track and manage key risk indicators (KRIs).
- Experience collaborating in cross-functional teams to implement industry best practices such as least-privilege enforcement, infrastructure segmentation, DNSSEC, and zero trust architecture.
- Experience supporting open-source intel gathering.
- Familiarity with cryptographic and public key technologies including, but not limited to, TLS, PKI, Multi-factor Authentication solutions, RSA, and Elliptic Curve Cryptography.
- Familiarity in low-code/no-code workflow solutions and application lifecycle management solutions.
- Strong oral and written communication skills to support engagement across technical and business stakeholders.
- Existing SECRET security clearance or must meet eligibility requirements to apply for clearance.
Benefits
- Comprehensive benefits package include medical, dental, vision, prescription drug coverage, 401k savings plan, retirement plan, paid time off, transit benefit, onsite gym and subsidized cafeteria
- A continuous learning environment with opportunities to gain new skills and grow your career
- The Chicago Fed offers benefits to support overall health and financial security.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Program Manager leading programs for national economic security and investment security at Booz Allen Hamilton. Overseeing a large team and aligning objectives with strategic goals.
Senior Analyst for Digital Forensics and Incident Response at AVEVA, responsible for maintaining security program integrity and incident response lifecycle.
Research Assistant for Cybersecurity Training developing training content for cybersecurity education programs. Collaboration with leading companies and ongoing education in innovative research at Fraunhofer SIT.
Cyber Security Werkstudent supporting security consultants in customer projects and gaining insights into information security challenges. Assisting with risk analysis, documentation, and internal security tasks.
Werkstudent in Cyber Security supporting Security Consultants in Munich. Assisting in security assessments and documentation while gaining practical experience in the field.
Lead Cybersecurity Manager providing cybersecurity support and compliance with Federal and DoD cybersecurity policies. Ensuring secure integration of network components in Army environments.
Mental Health Security Specialist for Florida's DCF ensuring safety and security of patients and staff. Patrols facility, responds to emergencies, conducts safety inspections, and handles incidents.
Expert in information security with a focus on managing penetration tests for a leading financial services provider. Involves cloud transformation and regulatory compliance in a dynamic team environment.
Staff Offensive Security Engineer at RD Saúde concentrating on Adversary Emulation and Purple Engineering. Improving adversary simulations and defenses through collaboration and structured plans.