Security Compliance Associate or Analyst

Company

Federal Reserve Bank of Cleveland

The Federal Reserve Bank of Cleveland is part of the nation’s central bank and we’ve provided many opportunities for professional growth during our history.

For twenty-four years in a row, we’ve been named “One of Northeast Ohio’s Best Places to Work” by North Coast 99. This prestigious award honors organizations with outstanding employment practices, including compensation, benefits, training, recruitment, retention, community services, and employee communications.

Our People Make the Difference! The Federal Reserve Bank of Cleveland is seeking innovative thinkers with vision to build the framework that will carry the Bank into the future.

Follow us on LinkedIn, Twitter, Instagram, and our YouTube channel – Cleveland Fed

To be considered for this role, candidates must be a U.S. citizen.

Organizational Expectations:

For the business lines supported by the Federal Reserve Bank of Cleveland (Pay.gov, Debit Gateway, TCMS/DVS, CIR, eCommerce and any potential future business lines) which are owned by the Department of Treasury’s Bureau of the Fiscal Service, the security compliance position supports the security posture of multiple systems by ensuring compliance with government and industry frameworks, facilitating security assessments and audits, performing department access reviews, maintaining disaster preparedness, and raising security awareness.

General Responsibilities:

• Collaborates with both internal and external stakeholders to ensure ongoing compliance (FISMA, PCI, FedRAMP, etc.) and security of Treasury Services applications.

• Supports compliance-related efforts such as development and updating of security plans, to support the Information System Security Officer’s responsibilities.

• Ensures that Fiscal Service Baseline Security Requirements (BLSRs) are adhered to and accurately documented.

• Processes access requests for new hires, transfers, and terminations; performs periodic access reviews to support this process.

• Maintains Business Continuity (BC) processes and documentation for the department; coordinates Business Continuity exercises with all Treasury Services managers and officers at least annually.

• Drafts procedures and processes to support security compliance-related activities.

• Supports annual security assessments with third-party vendors for Treasury Services applications.

Education and Experience:

• Security Compliance Associate: Bachelor’s degree with no prior professional work experience or Associate’s Degree with 3+ years of related work experience

• Security Compliance Analyst: Bachelor’s degree with 3+ years of related work experience

Knowledge and Skills:

• Understanding of industry-based security controls relating to applications, services, and systems.

• Knowledge and understanding of security compliance frameworks such as NIST, PCI, FedRAMP, and/or FISMA.

• Experience with risk and security vulnerability management.

• Knowledge of cloud-based platforms and technologies.

• Ability to analyze highly complex business requirements.

• Time management skills, and the ability to prioritize and multi-task.

Physical Demands and General Working Conditions

Employees typically sit most of the day, work with a computer and may answer/respond to phone calls.  Physical movement consists of walking for meetings, breaks, etc.  Employees may be required to travel by car/air.

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Information Technology

Work Shift

First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice