Your role as Cyber Security Business Expert Officer:
The Cyber Security Business Expert (CSBE) is an Officer role in the Bank, requiring hands-on cyber security experience, outstanding communication and organization skills, in-depth understanding of the cyber threat landscape, an ability to independently operate and execute, a capacity to learn business operations, and critical thinking skills. The CSBE will develop Information Security partnerships with the business areas (Client) in identifying, anticipating, and solving cyber security problems.
The CSBE is familiar with the technologies and platforms used by the Client, and those prevalent or emerging in the Client’s business area. The CSBE should be an expert in cyber with respect to the Client’s business functions, including:
- evolving and anticipated threats
- technology trends and their impact on cyber
- innovative and forward looking mitigation techniques
- the impact of changes to standards, laws, regulations and best practices
The position is an individual contributor Officer-level role, residing in the Information Security Function, and reports to the Department Head of Information Security Strategy and Business Engagement. The successful candidate will be an experienced cyber security professional who has a track record of independent work, business involvement and focus on business outcomes, and familiarity working in a matrix operating model and federated environment.
The CSBE will work collaboratively with the Technology Group’s Client Engagement teams to incorporate security considerations into the demonstrable prototypes in the pursuit of innovative solutions for the Client. The CSBE will also work collaboratively and build partnerships with the Client across multiple business units outside of the Technology Group. The CSBE will collaborate with the other two CSBEs to establish best practices, sample deliverables, and other outcomes that may be mutually beneficial for different business areas (i.e., there are currently three CSBE positions, and this position is one of these three). The role will leverage the resources and subject matter expertise of the Information Security Function where appropriate in pursuit of objectives.
This CSBE position will focus on one or more primary business areas, which are payment systems, transactional and core services oriented business operations, and large-scale analytic driven operations. Within the broader Bank this scope includes the protection of mission-critical applications and systems that support market operations, financial institution supervision, services to banking organizations, services to the U.S. Treasury Department, and internal Bank operations.
- Act as a cyber resource for cyber security activities that extend beyond defined information security services in alignment with internal Client Groups who are data dependent and the Technology Group’s Client Engagement team supporting those groups.
- In collaboration with the Client, provide thought leadership with a goal towards fostering strong strategic cyber planning in the Client’s information security space.
- Identify, and facilitate the identification of, existing and emergent cyber threats and risks.
- Facilitate cyber security table tops and exercises as directed by the Client.
- Create and develop cyber risk metrics that inform the Client’s overall cyber risk posture, as an input into the cyber risk management process.
- Act as a business area cyber consultant for cyber topics and needs.
- Cyber threat aggregation, sharing, contextualization, and reporting that is specific to the assigned Client.
- Emergent threat identification and forward looking mitigation innovation.
- Maintain ongoing Client industry engagement on cyber security with external parties.
- Strong understanding of industry standard information security control frameworks.
The ideal candidate will be a self-motivated learner, naturally curious, and driven to learn the Client’s business in the following business area (i.e., immersive on the job learning):
Data & Analytics
- Knowledge of the Supervision, Regulation, Research and Statistics businesses at the Bank and the key role that Data plays in meeting the needs of their teams.
- A detailed understanding of the current and emerging technologies used by the Supervision, Regulation, Research and Statistics industry and how they can be best leveraged by the Client(s) to meet its mission and objectives.
Technology- Key Characteristics and Capabilities
- Excels at leveraging skills/knowledge of others and engaging them in decision-making and problem solving.
- Has substantial influence with internal and/or external stakeholders (e.g. National IT, Treasury).
- Able to debate, persuade and contribute fresh insight to discussions of broad issues.
- Is seen as original and value-added in brainstorming settings.
- Can take what s/he knows and apply it in new/different ways.
- Demonstrates strong negotiation and influence skills and ability to manage conflict.
- Faces up to controversy, willing to say what needs to be said but does so in a constructive way.
- Is open to risk-taking, but balances that with a good sense of when to engage others and when to escalate.
- Demonstrates Bank wide Competencies expected at this level.
What we are looking for:
- Bachelor’s or Master’s degree in IT related field, Computer Science preferred, or professional equivalent experience.
- Generally minimum 10-12 years of relevant work experience.
- Able to work effectively as a team member and individual contributor.
- Demonstrated ability to establish and maintain credibility with all levels of management and promote and cultivate quality throughout the organization.
- Ability to work in a matrix and federated environment to achieve objectives.
- Ability to actively engage with external industry peers to build relationships that facilitate information exchange.
- In-depth understanding of the cyber threat landscape.
- Prior hands-on cyber security experience in multiple domains.
- Intimately knowledgeable of the products, services, and processes of the Client and stays well informed about the changes affecting the Client’s industry.
- Excellent Business Analysis and problem-solving skills.
- Highly creative and experienced in designing innovative technology solutions for the business.
- Excellent written and verbal presentation skills with ability to present ideas in a business and user-friendly language.
- Experienced in relationship management.
- Mission-driven orientation, with a strong interest in public service;
- Strong commitment toward diversity and inclusion and one who values diversity of background, thought and perspectives;
- Unquestionable ethics and integrity;
- Ability to satisfy the Federal Reserve System’s Conflict of Interest requirements;
- Possession of or the ability to obtain U.S. Government Security Clearance, which includes U.S. Citizenship.
This position requires access to FOMC information, which is limited to “Protected Individuals” as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, U.S. permanent residents who are not yet eligible to apply for naturalization, and U.S. permanent residents who have applied for naturalization within six months of being eligible to do so.
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
Why the Fed:
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You’ll work in an environment with a diverse group of talented professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. It’s a challenge that demands the skills of a financial services professional and the intellectual curiosity of an academic—all combined with a passion for public service