Cyber Security Engineer Principal

Company

Federal Reserve Bank of Boston

Federal Reserve Financial Services (FRFS) delivers a suite of payments services to financial institutions via FedLine® Solutions, Fedwire® Funds and Securities, the National Settlement Service (NSS), FedCash®1, FedACH®, Check Services, and the FedNow® Service.

FRFS operates as a fully integrated organization with groups dedicated to customer experience, operations, technology, product and customer/industry management, enterprise services, payments system improvement, and one focused on the ongoing growth and development of the FedNow instant payment service.

Our strategy defines our future direction, seeking to offer a fully integrated product suite that provides speed, resilience, and choice in meeting the payments needs of FRFS customers across the United States.

Through our Enterprise structure, we strive to meet the needs of the marketplace for new products and services with speed and agility, seek to provide a robust and unified customer experience, and work to create career growth opportunities for FRFS staff.

The FRFS Enterprise operates with a customer-first mindset, comprised of team members seeking to do the best work of their careers in pursuit of our important central bank mission.

The position will be primarily on-site with residency commutable to one of our offices required.

This position is responsible for helping to ensure the security and integrity of the FedNow organization across people, operations, and technology.

This individual will directly support security engineering and operations.

The individual will also be expected to provide cybersecurity expertise both through consultation and hands-on technical activities. 

Desired Qualifications 


* Programming Languages relevant to web and API development such as Python, Java, GO is required 



* Experience security testing cloud workloads. 



* Strong understanding of web service protocols, REST principles, and client-server architecture is necessary  



* Strong understanding of API defense strategies and ability to implement  



* Foundational understanding of logging and monitoring tools to detect anomalies and respond to incidents in real-time 



* Strong attention to detail and creative problem-solving are essential for navigating complex security challenges 



* Ability to effectively communicate risks and solutions to both technical and non-technical stakeholders 



* Collaborating effectively within a team, including developers, platform architects, and project managers in a multi-district environment 

What will be expected of you  


* Develop code to automate security frameworks into functional, secure infrastructure and deploy security tooling using automation as a foundation. 



* Design and execute point-in-time security tests, automated or manually, against cloud workloads.  



* DevSecOps integration – enable automate st...