Information Security Engineer (Hybrid)

Company

Federal Reserve Bank of St.

Louis

When you join the Federal Reserve—the nation's central bank—you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems.

We dedicate more than $1 billion to technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future.

Overview

The Federal Reserve Bank of St.

Louis is looking for an Information Security Engineer who will use technical and information security knowledge to identify security threats across a diverse portfolio of technologies.

As our Information Security Engineer, you will report to the Information Security Manager and provide an important role in securing applications and cloud environments for the Federal Reserve Bank.

The Information Security Engineer will grow the application security program by providing the knowledge and technical leadership necessary to strengthen security controls within the architecture and agile software development lifecycle, ranging from risk identification to driving risk-based solutions and mitigations, with a high focus on innovation and automation.

Responsibilities


* Manage application security tools including static, dynamic, and interactive security analysis solutions, CI/CD pipeline automated security tools, web application firewalls, container security tools, and develop related documentation.


* Partner with application teams and cloud engineers to build security automation testing tools into the CI/CD Pipeline.


* Collaborate across multiple development teams and business partners to lead cyber security programs throughout the organization.


* Perform assessments of security tools, vendors, and solutions to support information security roadmaps.


* Work with teams to embed security logging and monitoring across the corporate and cloud environments.


* Lead discussions and projects with technical personnel, business partners, and executives to strengthen controls around agile development processes, secure coding practices, and secure cloud design.


* Manage security testing efforts by working with application development teams to assess and prioritize discovered security issues and vulnerabilities.


* Lead the identification, response, investigation, and communication of security issues and promote remediation efforts with development teams and partners.


* Assist application teams with developing remediation strategies to prevent future security issues.


* Assist the Incident Response Team with web application and cloud related security incidents.

Qualifications


* Bachelor of Computer Information Systems, Business Administration or technology-related field, Information Security or commensurate experience


* 5+ years of experience in Cloud Security, DevOps, or Software Development, and a combination of the following:


* At least one security...