Information Security Controls Specialist

Federal Reserve Bank of Dallas

Primary Location

 TX-Dallas

Full-time / Part-time

 Full-time

Employee Status

 Regular

Overtime Status

 Exempt

Job Type

 Experienced

Travel

 Yes, 5 % of the Time

Shift

 Day Job

Work Hours Monday – Friday, 8am – 5pm
Job Sensitivity Tier II – Credit Check
ORGANIZATIONAL SUMMARY:
As part of the nation’s central bank, the Federal Reserve Bank of Dallas is committed to strengthening the economy and our communities.  At the Fed, you have the opportunity to become part of an important public service institution whose work touches lives across the globe.  It’s a big job and that’s why we need talented, results-driven professionals who care about making a difference.
 
POSITION SUMMARY:
Responsible for supporting the District’s understanding and compliance with the Federal Reserve System information security policies, practices, and related industry best practices. Responsibilities include executing information security- related projects and operational tasks, as well as providing information security policy and practice  expertise to IT and business customers.
 
RESPONSIBILITIES:
This position will be embedded within an Information Security team to perform internal quality assurance functions ensuring appropriate processes and controls are in place and tested. This position will also interface with audit and system compliance groups to support compliance reviews and perform other duties as assigned.
 
Responsible for conducting reviews of internal Information Security processes to ensure compliance with policy/procedure, to report results to management and to identify possible process and control improvements.  Will apply a broad knowledge of audit principles and practices in understanding Information Security operations, processes, and procedures.  Will be able to effectively communicate findings and recommendations to IT management and to demonstrate an ability to interact with all levels of Bank personnel.
 
Responsible for acting as the primary point of contact representing Information Security to external and internal audit entities, organizing meetings, tracking action items, and responding to documentation requests.
 
JOB REQUIREMENTS:
  • Understanding of audit and compliance processes as demonstrated through previous education or experience.
  • Familiarity with the International Standards for the Professional Practice of Internal Auditing (Standards) as maintained by the Institute of Internal Auditors; North America.
  • Ability to effectively assess operational internal controls.
  • Basic understanding of IT concepts and systems.
  • Effectively document and communicate findings to management.
  • Ability to successfully execute on a variety of project tasks and meet deadlines.
  • Effective communication skills, written and oral.
  • Demonstrate the ability to estimate work effort for tasks.
  • Flexibility in switching between tasks; multi-tasking.
  • CISSP and/or CISA certification would be a plus.
     
     
COMPETENCIES
Process Management: Good at figuring out the processes necessary to get things done. Knows how to organize people and activities. Knows what to measure and how to measure it. Can simplify complex processes.  Understands how to separate and combine tasks into efficient work flow.  Gets more out of fewer resources.
 
Time Management:  Uses time effectively and efficiently.  Concentrates efforts on the more important priorities.  Gets more done in less time than others.  Can attend to a broad range of activities.
 
Planning:  Accurately scopes out length and difficulty of tasks and projects.  Sets objectives and goals.  Breaks down work into the process steps.  Develops schedules and task assignments.  Measures performance against goals.  Evaluates results.
 
Learning on the Fly:  Learns quickly when facing new problems.  Open to change.  Analyzes both successes and failures for clues to improvement.  Experiments and will try anything to find solutions.  Enjoys the challenge of unfamiliar tasks.  Quickly grasps the essence and the underlying structure of anything.
 
Complexity:  Broad range of work, sometimes complex and non-routine, in a variety of environments.
Influence: Interacts with and influences department/project team members.  Frequent contact with customers for predictable and structured tasks/projects. 
 
EDUCATION AND EXPERIENCE:
  • 0-2 years in the field of Audit or Information Security either related to all or some of the primary responsibilities.
  • Bachelor’s degree in Business, Management Information Systems, Computer Science or related field of study.
  • CISA and/or CISSP certification is a plus.
  • NIST-based security controls and frameworks a plus.
  • Knowledge of the Federal Reserve System and/or Security Assurance for the Federal Reserve (SAFR) is a plus.
  • Understanding of basic security capabilities and vulnerabilities related to operating systems, network systems, database systems, and security systems is a plus.
  • Equivalent education and/or experience may be substituted for the above.
     
     
 
WORK HOURS AND CONDITIONS: 
Monday through Friday, 8am – 5pm as business needs dictate.
Notes:
This position requires that candidates be a U.S. citizen.
 
Employment is contingent upon the selected candidate passing a financial credit check.
This position may be filled at various levels based on candidate’s experience and departmental needs.
 

Source:https://frb.taleo.net/careersection/11k_external/jobdetail.ftl?job=553340