Sr. IT Risk Specialist - Governance and Controls - Large Institutions - Federal Reserve Bank (FRB)

Company

Federal Reserve Bank of San Francisco

We are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation’s monetary, financial, and payment systems to build a stronger economy for all Americans. We are a community-engaged bank, and are committed to understanding and serving the vibrant, expansive communities of the Twelfth District. That means we seek and appreciate new perspectives. We respect people for what they do and for who they are. We build opportunities to learn and grow. When you join the SF Fed, you become part of a diverse team united in its purpose to promote an economy that works for everyone.

The Supervision + Credit group is responsible for the supervision and regulation of state member banks (SMBs), bank holding companies, savings and loan holding companies, financial holding companies, data service providers, trust companies, and foreign banking organizations that operate in the Twelfth District. Supervised institutions are in all states of the District and range in size and complexity from small community organizations to some of the largest banking organizations in the country.

The Supervision + Credit (S+C) Division drives supervision programs that promote safety and soundness of supervised institutions and the financial stability of the U.S. economy. One of the four supervision programs that is performed by S+C is the Large Institution Supervision Coordinating Committee (LISCC) program. The LISCC program is the Federal Reserve’s national supervisory program for the largest and most systemic financial institutions. The program is implemented by hundreds of staff supplied by multiple Reserve Banks and the Board of Governors working collaboratively to provide Federal Reserve System-wide and cross-disciplinary perspectives on the supervision of firms in the LISCC portfolio.

A core component of the LISCC program is the Governance and Controls (G&C) program. The Independent Risk Management and Controls pillar of the G&C program, which includes the Information Technology and Cybersecurity (IT) Team, facilitates consistent assessments of how well IT, cybersecurity and related risks are identified, measured, monitored, and controlled at each firm.

The Risk Specialist Team (RST) within S+C’s Risk, Policy and Analysis area includes individuals from the SF Fed who are members of the LISCC program.  Right now, the RST has a fantastic opportunity for a Senior IT Risk Specialist to join its LISCC IT Team and be a member of the national LISCC IT Team.  Do you have a passion for bank supervision, IT risk management, cybersecurity, and risk controls? If so, please read on!

In this important role, you serve as a subject matter authority, leading or participating in horizontal and firm-specific LISCC examinations and conducting ongoing monitoring to determine the effectiveness of a firm’s IT and cybersecurity risk management program, gain firm peer perspective, and assess emerging IT-related risks. You will also recommend conclusions from data analysis for use by examination team leads or to be communicated to a broader audience of collaborators, including supervised institutions.  You will analyze and interpret information and develop and test hypotheses to help estimate IT and cybersecurity risk and the potential impact to financial institutions and the financial services industry and contribute to the resolution of issues in supervised institutions. 

You will also Coordinate with System-level staff, the Board of Governors, the other regulatory agencies, and other team members to compare institutions across the LISCC portfolio through horizontal analyses, which may be used to evaluate changes in risk on a national scale and to develop knowledge of emerging risk concerns and trends.  You will also mentor and coach junior staff, including reviewing the work products of junior staff.

Requirements:

• Bachelor’s degree in business, technology, or related fields of study.
• Advanced degree or professional certifications with an emphasis on IT, IS, and internal audit (e.g., CISA, CISSP, CIA, CCSP, CRISC, CISM), as well as an examiner commission, or actively working towards a commission, are a plus. We support ongoing training including the acquisition of certifications and examiner commission.
• Typically requires seven or more years of relevant experience in information security or technology risk management such as in banking supervision, a bank risk management function, IT audit or at a consulting firm; or an equivalent combination of education and experience.
• Experience or knowledge of the banking industry and IT-related supervision and regulation framework is preferred.
• Experience evaluating a variety of technology-related risks facing complex financial institutions, and the ability to identify prudent practices for managing those risks. Some preferred areas include vendor risk management, cybersecurity response and resilience, cloud security, data governance and security, endpoint and server technologies, intrusion detection and prevention systems, identify access management and access control, and threat vulnerability management.
• Ability to read, interpret and analyze information and supervisory ratings and enforcement records applicable to IT and cybersecurity risks, as well as apply related Federal Reserve System rules and regulations is preferred.
• Excellent verbal and written communication skills, ability to synthesize and present arguments, and distill complex information into a summary.
• Ability to multi-task and prioritize projects, working collaboratively and cultivating good working relationships.
• Some travel is required, depending on one’s assignments and location (up to 30%).
• This position requires access to confidential supervisory information, which is limited to “Protected Individuals.” Protected Individuals include, but are not limited to, U.S. citizens and U.S. nationals, U.S. permanent residents who are not yet eligible to apply for naturalization, and U.S. permanent residents who have applied for naturalization within six months of being eligible to do so or who will sign a declaration of intent to apply for naturalization before they begin employment.

#LI-Hybrid

Base Salary Range: Min: $ Min: $155,700  Mid: $205,600  Max: $255,300 (Location: San Francisco)

Final salary and offer will be determined by the applicant’s background, experience, skills, internal equity, and alignment with geographic and other market data.

We offer a wonderful benefits package including: Medical, Dental, Vision, Pre-tax Flexible Spending Account, Backup Child Care Program, Pre-Tax Day Care Flexible Spending Account, Paid Family Care Leave, Vacation Days, Sick Days, Paid Holidays, Pet Insurance, Matching 401(k), and Retirement/Pension.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. The SF Fed is an Equal Opportunity Employer.

The Bank's ethics rules generally prohibit employees, their spouses/domestic partners, and minor children from owning securities, such as stock, of banks or savings associations or their affiliates, such as bank holding companies and savings and loan holding companies.  Employees in the S+C group also must ensure there are no conflicts of interest related to their previous employment and current financial interests.  S+C employees may be subject to borrowing and deposit restrictions and may need to recuse themselves from certain supervisory work.  Please review Section 5.3 and Appendix B of the Bank’s Code of Conduct to ensure compliance with the Code of Conduct conflict of interest rules and personal investment restrictions.

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Bank Examination

Work Shift

First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice