Federal Reserve Bank of San FranciscoWe are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation’s monetary, financial, and payment systems to build a stronger economy for all Americans. We are a community-engaged bank, and are committed to understanding and serving the vibrant, expansive communities of the Twelfth District. That means we seek and appreciate new perspectives. We respect people for what they do and for who they are. We build opportunities to learn and grow. When you join the SF Fed, you become part of a diverse team united in its purpose to promote an economy that works for everyone. We empower our people to balance their life and work responsibilities. That’s why we offer a flexible hybrid work model that allows you to collaborate with office colleagues on some days, and work from home on others.
Information Security at the FRBSF has a position for a Lead Information Security Engineer who will join us in evolving application security and fostering collaboration with development teams. This role offers the opportunity to use your technical skills, and security understanding, to design and engineer solutions that assist our development teams in implementing DevSecOps and creating secure and resilient applications and environments. This role requires strong analytical, communication, problem solving, engineering, and interpersonal skills. In this role you will work closely with other members of the Information Security team, our application development groups, and other groups across the Federal Reserve System, helping to build strong relationships across functions and create solutions that provide effective, seamless security to protect our custom developed products.
Essential responsibilities:
Develop and help implement security tools and solution patterns to support secure software development and application design/operation
Provide guidance to DevOps team members with the design, development and operationalization of security, during development, deployment and operation of applications
Help refine DevSecOps processes and engage in security engineering review of code and IT configuration
Support secure development within the Federal Reserve System by fostering constructive dialogue and seeking resolution when confronted with discordant views
Perform reviews of proposed or implemented pipeline, application module or cloud solutions.
Deliver and improve security metrics
Mentor more junior engineers and be a security thought leader for the organization
Assist with recruiting activities and administrative work
Minimum Qualifications:
Bachelor's degree in computer science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis or a equivalent work experience
A Sr Security engineer requires five or more years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and 3+ years’ experience designing and deploying security solutions. A Lead Security engineer requires eight or more years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and 3+ years’ experience designing and deploying security solutions
Proficiency with coding and scripting languages, such as, C#, C++, Java, Python, Go, Rust, PowerShell, Node.js, React and Bash
Minimum of 5 years of experience in defensive security, 8 or more years in IT
SANS GSEC or equivalent technical security focused certification
Must be a U.S. Citizen or a Green Card holder with the intent to become a U.S. Citizen
Preferred skills:
Experience with threat modeling and security review processes
Experience with OpenShift, Kubernetes, or Docker
Experience with securing development within AWS or Azure
Experience with Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST) and Secure Component Analysis (SCA) tools
Experience with CI/CD pipeline platform tools such as Ansible, Jenkins, GitLab or GitHub and various branching strategies
Experience with Splunk or Elastic, Logstash, Kibana (ELK)
Experience as a developer and/or working closely with application development teams
Familiarity with OWASP projects and NIST and CISA standards and guidance
Ability to communicate clearly and influence outcomes
Ability and desire to engage in continuous learning and upskilling
SANS GWEB, GWAPT, or other similar secure development, cloud security or application security certification
Base Salary Range for Sr. IT Security Engineer: Min: $113,600 - Mid: $147,600 - Max: $181,600(Location: San Francisco) Base Salary Range for LEAD IT Security Engineer: Min: $138,900 - Mid: $180,400 - Max: $221,900 (Location: San Francisco)
Final salary and offer will be determined by the applicant’s background, experience, skills, internal equity, and alignment with market data.
We offer a wonderful benefits package including Medical, Dental, Vision, Pre-tax Flexible Spending Account, Backup Child Care Program, Pre-Tax Day Care Flexible Spending Account, Paid Family Care Leave, Vacation Days, Sick Days, Paid Holidays, Pet Insurance, Matching 401(k), and Retirement/Pension.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. The SF Fed is an Equal Opportunity Employer.
#LI-Hybrid
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Information Technology
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
Always verify and apply to jobs on Federal Reserve System Careers (https://rb.wd5.myworkdayjobs.com/FRS) or through verified Federal Reserve Bank social media channels.