Information Security Manager & ISSO

Company

Federal Reserve Bank of Minneapolis

The Federal Reserve Bank of Minneapolis is looking for experienced Information Security Manager to support the Bank in its role as a Fiscal Agent for the Department of Treasury and the Bureau of the Fiscal Service.

In this role, you will lead a small team of security professionals and will serve as the Information System Security Officer (ISSO) role for a cloud based financial system.

As the ISSO, you will serve as the principal advisor on all matters (technical and otherwise) involving the security of the information system.

You must bring current or recent experience with NIST’s Risk Management Framework (RMF), knowledge of NIST based control frameworks, knowledge of modern software engineering practices, and excellent written and verbal communication skills with the ability to communicate complex concepts to all levels of the organization.

To be considered for this position you must be a U.S.

Citizen.  

The Minneapolis Fed believes in flexibility to balance the demands of work and life while also recognizing the necessity of connecting and collaborating with our colleagues in person.

Onsite work is an essential function of this position, and you are expected to be in the office two (2) days per week for meetings and team collaboration.

Responsibilities:


* Execute the full cycle of employment matters, including but not limited to those involving hiring, retention and performance optimization, salary recommendations, and decisions related to the termination of employment, as well as the documentation of these matters. 


* Develop and evaluate the performance of staff, which includes managing staff to identify developmental assignments and training opportunities, working with individuals on their career goals, delegating responsibilities, providing feedback, and evaluating performance on any of the preceding duties.   


* Establish objectives and key results for the team and adjust direction as needed to respond to organizational strategies and priorities.


* Serve as the principal advisor to the System Owner, Authorizing Official, and Chief Information Security Officer (CISO) on all matters (technical and otherwise) involving security of assigned system(s) and/or service(s).


* Ensure necessary governance documentation (e.g., business case, technical addendum, Security Impact Analysis – SIA, Classification and Determinations Memo – CDM, etc.), reviews, approvals, and agreements for system(s) and/or service(s) are in place and kept up to date. 


* Ensure that management, operational, and technical security controls (inherited and system specific) are managed throughout the system development life cycle.


* Maintain an Ongoing Authorization to Operate (ATO) for assigned system(s) or an Ongoing Authority to Use (ATU) for assigned service(s) consistent with applicable policy, standards, procedures, and guidelines. 


* Execute ongoing or operational...