Federal Reserve Bank of San Francisco · 1 month ago
Information Security Specialist
The Federal Reserve Bank of Kansas City is part of the nation's central bank, focused on strengthening and protecting economic, financial, and payments systems. The Information Security Specialist will modernize cybersecurity risk management methods, assess risks, and collaborate with stakeholders to enhance the organization's security posture.
Banking · Finance · Financial Services
Responsibilities
Modernize the current approach to cybersecurity risk management and assessments
Research and evaluate methodologies and frameworks and subsequently apply them for use in the organization
Identify and implement risk quantification and scoring approaches within the organization
Perform in-depth data analysis to identify patterns, trends, and areas of focus and priority
Incorporate threat intelligence into risk assessments to provide context-aware risk evaluations
Conduct business impact analyses to understand how security incidents affect critical business functions
Evaluate and quantify risks associated with third-party vendors and supply chain
Assess specific risks related to cloud environments and services
Develop reports and dashboards to illustrate the organization's risk posture
Ensure that cybersecurity risk is integrated with IT risk and informs overall Enterprise risk
Research and identify options to establish a risk register
Develop and track risk treatment plans including mitigation strategies, acceptance justifications, or transfer options
Map cybersecurity risks to relevant regulatory requirements and compliance frameworks
Continuously improve risk management processes based on industry trends and organizational needs
Meet with technical experts and business leaders to convey cybersecurity risk in a way they can understand
Partner with incident response teams to incorporate lessons learned into risk models
Translate complex technical risk scenarios into actionable insights for all levels of the organization
Qualifications
Required
Typically requires at least 6 years of relevant cybersecurity risk management experience
Experience with risk scoring methods and risk quantification
Experience with generating reports and dashboards to convey cybersecurity risk in a way that is easy to consume
Experience establishing or running an Enterprise cybersecurity risk management program
Experience with NIST SP 800-53 security standards
Experience presenting risk information to executive leadership
Bachelor's degree specializing in an information technology field from an accredited college or university, or equivalent combination of directly related education and/or experience
Strong knowledge of and experience applying cybersecurity risk frameworks and assessment methodologies; examples may include Factor Analysis of Information Risk (FAIR), NIST Cybersecurity Framework (CSF)
Strong skills and experience with data analysis
Experience with GRC (Governance, Risk, and Compliance) tools
Knowledge of business impact analysis methodologies
Familiarity with cloud security frameworks (CCSK, CCSP)
Ability to understand technical details of cybersecurity risk
Ability to communicate complicated technical risk scenarios to all levels of the organization
Demonstrated self-motivation and ability to perform work independently, and also collaborate in a team environment
Preferred
Information Security industry certification (SSCP, CISSP, GIAC, CISM, CISA, etc.) preferred
Company
Federal Reserve Bank of San Francisco
We are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation’s monetary, financial, and payment systems to build a stronger economy for all Americans.
Funding
Current Stage: Late Stage