Foundation for Advancing Security Talent

Cyber Security Business Expert

Federal Reserve Bank of Chicago
New York, New York, United States
2 days ago


Company Federal Reserve Bank of New York

Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. It is a challenge that demands the skills of a financial service professional and the intelligence of an academic-all combined with a passion for public service.

This position will offer workplace flexibility e.g. working remotely or on site as needed/ desired during the week. Employees can expect to be in the office weekly as needed for meetings and team collaboration and should live within a commutable distance. The Bank believes in work flexibility to balance the demands of work and life while also connecting and collaborating with our colleagues in person a couple days a week.

What we do:
Information Security New York (ISNY) develops, executes, and maintains an information security program that promotes resiliency by identifying and mitigating cyber threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank. You will report to the Deputy CISO.

The Cyber Security Business Expert (CSBE) role will partner with several Groups as an information security enterprise 1st line of defense to reduce cyber risks across end-to-end business activities, achieving outcomes and "moving the needle on security". The CSBE ensures that compensating controls are horizontally implemented across SAFR boundaries and Group boundaries from an end-to-end risk view. This role is embedded in the business to become an expert on the Corporate and Core business processes, information assets , applications and systems with a long-term threat horizon focus to anticipate new attack vectors, threat actor tactics, and cyber security trends and new capabilities directly linked to the Bank's principal business activities.

Your role as Cyber Security Business Expert:

  • Serve as the 1st line of defense cyber risk mitigation in the Corporate and Core Groups of the Bank to find and address cyber risks by designing and supporting the implementation of additional compensating controls in partnership with the business and national technology team
  • Partner with the business on all new technology-related and new business process-related programs to "build security in" from the beginning, applying security controls standards.
  • Partner with the business to develop long-term plans to address the cybersecurity challenges and changes across the Bank's Groups
  • Assess cyber risks to the business by linking cyber threat intelligence with business information assets, technology assets, business processes to determine the inherent and residual risks for the Bank.
  • Lead the partnership with the business to enrich cyber threat intelligence to answer the "so what?" question and make the intelligence more applicable (i.e., contextualized to the business operating environment).
  • Partner with ISNY's Risk Identification Team and the business in the development of cyber residual risk thresholds for all of the cyber risk scenarios aligned to the Corporate and Core Groups, partnering to cascade the risk tolerance to the business.
  • Lead the cyber risk governance decision-making process with the impacted Group(s) whenever the cyber risk KRI's exceed the residual risk thresholds in one or more cyber risk scenarios.
  • Partner with departments to advocate cybersecurity best practices, and procedures with external partner organizations to reduce cyber threats.
  • Establish relationships with information security organizations, peer institutions, government groups, and cybersecurity forums to exchange ideas, techniques and trends, and best practices that can be assessed and adopted by the Bank.
  • Monitor the external cyber threat landscape for the business. Assess new threat actor tactics and techniques, along with technology trends, to better understand the future impact on cyber risk.

What we are looking for:

  • Bachelor's degree required in IT related field, Computer Science preferred .
  • 10+ years of relevant work experience preferred .
  • Possession of , or the ability to obtain, a U.S. Government Security Clearance, which includes U.S. Citizenship.
  • In-depth understanding of the cyber threat landscape.
  • Prior hands-on cyber security experience in multiple domains
  • Excellent Business Analysis and problem-solving skills


Our organization offers benefits that are the best fit for you at every stage of your career:
  • Fully paid Pension plan and 401k with Generous Match
  • Comprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)
  • Subsidized Public Transportation Program
  • Tuition Assistance Program
  • Onsite Fitness & Wellness Center
  • And more

Please note that the position requires access to confidential supervisory information and/or FOMC information, which is limited to "Protected Individuals" as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, and U.S. permanent residents who either are not yet eligible to apply for naturalization or who have applied for naturalization within the requisite timeframe. Candidates who are permanent residents may be eligible for the information access required for this position if they sign a declaration of intent to become a U.S. citizen and pursue a path to citizenship and meet other eligibility requirements.

In addition, all candidates must undergo an enhanced background check, comply with all applicable information handling rules, and will be tested for all controlled substances prohibited by federal law, to include marijuana.

The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.

Incumbent must be fully vaccinated against COVID-19, unless the Bank grants an exemption based on a medical condition or sincerely held religious belief.

This is not necessarily an exhaustive list of all responsibilities, duties , performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.

Full Time / Part Time Full time

Regular / Temporary Regular

Job Exempt (Yes / No) Yes

Job Category Information Technology

Work Shift First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice

Job Information

  • Job ID: 60949512
  • Location:
    New York, New York, United States
  • Position Title: Cyber Security Business Expert
  • Company Name: Federal Reserve Bank of Chicago
  • Job Function: Other
  • Job Type: Full-Time
Jobs You May Like