Federal Reserve Bank IT Risk Management Analyst in Kansas City, Missouri
The Federal Reserve Bank of Kansas City is seeking an IT Risk Management Analyst to support the risk identification and management process across all aspects of Information Technology for the defined portfolio of applications (both Cloud and on-prem). Responsibilities include assessing the current adequacy of the security posture, business continuity/disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. The qualified candidate will have a strong understanding of information technology design and infrastructure, strong project management acumen, and a working knowledge of NIST security protocols.
• Stewards the SAFR (NIST) Risk Management Framework on behalf of the designated officers responsible for the portfolio’s security posture. • Maintains the security posture for Cloud and on-prem applications, including proactively monitoring and remediating security controls in accordance with SAFR (NIST) standards. • Assesses internal control performance, identifies weaknesses, and provides recommendations to strengthen the control environment. • Reviews and provides guidance to the System Owner for the Security Impact Analysis (SIA) for each software release. • Develops and documents POAMs and Exceptions appropriate for the circumstance, tracking each as needed. • Tracks and verifies adherence to information security policies procedures and requirements. • Coordinates updates to the business continuity plan and Data Sharing Plans with interfacing technology partners. • Coordinates and executes Business Resumption Test efforts. • Provides rotational 24/7/365 on-call support to investigate and diagnose issues, calling in engineers or software developers to resolve issues.
• Bachelor’s degree in Business, Information Technology, or related field from a four year college or university preferred, or equivalent work experience. • 3 years of experience in risk management, audit or information security. • Federal Reserve Bank SAFR certification, or agreement to obtain within 6 months of position acceptance. CISSP certification preferred. • Familiarity with common information security frameworks (NIST/FedRAMP). • Completion of AWS Security Fundamentals. • Strong project management skills, with PMP preferred. • Proficiency in Atlassian suite of products such as Confluence and Jira. • SAFe certification or training preferred. • Excellent written and verbal communication skills, with ability to communicate risk and compliance subject to multiple audiences, including technicians, leadership and business persons. • Outstanding customer service skills. • Availability and willingness to provide 24/7/365 rotational on-call support.
This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened include, education/employment verification, criminal history, credit history, and reference checks.
Certain eligibility requirements apply.
Follow us on LinkedIn, Twitter, and our YouTube channel - Kansas City Fed.
/We [Federal Reserve Bank of Kansas City] are committed to building a diverse workplace, and are continually striving to achieve this goal. As such, we provide equal employment opportunities regardless of race, color, religion, sex, gender identity and/or expression, national origin, age, disability, sexual orientation, or genetic information./
Organization: *Federal Reserve Bank of Kansas City
Title: IT Risk Management Analyst
Location: MO-Kansas City
Requisition ID: 265434
Other Locations: GA-Atlanta, TX-Dallas, VA-Richmond, NY-New York City, MO-St. Louis, OH-Cleveland, IL-Chicago, CA-San Francisco, MA-Boston, MN-Minneapolis, PA-Philadelphia