Cyber Intelligence and Instrumentation Officer
San Francisco, CA

Job Description

At the Federal Reserve Bank of San Francisco, the work we do is consequential and challenging. Our environment encourages growth and diversity. Our employees flourish in a team-oriented atmosphere and are dedicated to the important mission of the San Francisco Fed.

What we do:

The National Incident Response Team (NIRT) is an in-house Information Security team that serves the entire Federal Reserve System across the United States and its territories. NIRT is responsible for delivering effective and efficient nationwide cyber intrusion detection, incident response, threat assessment, cyber intelligence, software security, vulnerability assessment, and other information security services to the Federal Reserve System (FRS) and select Bureaus of the US Treasury.

Your role as a Cyber Intelligence and Instrumentation Officer:

The individual in this role is responsible for strategic and execution leadership for NIRT's Cyber Intelligence and Instrumentation service portfolio, including people, processes, and technology. The role is responsible for all aspects of cyber intelligence and threat-based analysis of the risks to the FRS and Treasury customers; additionally, this role is responsible for maintaining highly effective and efficient instrumentation and threat detection capabilities to support NIRT's core mission. This position requires close coordination with peers in the areas of incident response, security monitoring and security assessment services.

In this capacity, the candidate frequently engages with the System's senior National IT management leadership, business line executives and others throughout the System regarding information security threats and cyber security risk matters. This includes providing threat intelligence to support the protection of mission-critical applications and systems that support market operations, financial institution supervision, services to banking organizations, services to the U.S. Treasury Department, and internal FRS operations.

The successful candidate will be a visionary and experienced Information Security Executive who has extensive experience in the delivery of high performing cyber security services in a federated governance model; has an excellent grasp of analytic and cyber intelligence tradecraft; executive leadership experience, and a track record of successfully supporting risk-based decision-making through analysis.

* Delivers high impact written and verbal briefings on sensitive cyber threat intelligence matters with a broad range of audiences including information security staff, senior executive leadership (e.g. CIO, CISO, etc.) and business area representatives.
* Develops and maintains broad ranged strategic plans, internal processes, and staff capabilities to support security advisories (vulnerability intelligence), cyber threat analyses, system-wide strategic security recommendations, cyber intelligence briefings and information sharing with trusted partners.
* Directs all-source intelligence lifecycle including requirements, collection, analysis and dissemination in alignment with industry standard methodologies and best practices.
* Oversees assessment of cyber threats to the organization including near-term and strategic risks within critical functions.
* Provides support managing or directing response activities during significant enterprise-level cyber incidents or emerging cyber threat conditions.
* Develops and maintains broad ranged strategic plans, internal processes, and staff capabilities to support network telemetry design, threat detection platform support (e.g. NIDS, advanced malware analysis, network capture, etc) and threat analysis capabilities aligned with current threat landscape or anticipated adversary capabilities.
* Directs staff and oversees the functional responsibilities as it relates to implementing key strategies and critical business priorities at an organizational level.

What we are looking for:

* Master's degree in Cyber Security, Engineering, Computer Science, or related discipline or an equivalent combination of education and work experience.
* Ten (10) to twelve (12) years of experience in cyber security, with at least 5 years of experience in cyber intelligence, incident response, security assessment, security operations, or computer network defense functions.
* At least three (3) years of leadership experience in progressively responsible roles in a demanding environment; strong leadership skills and ability to effectively manage high performing staff.
* Expert level understanding of adversary tactics, techniques and procedures (TTPs); threat actors including nation-state, cyber-criminal and hacktivist groups.
* Advanced knowledge of intelligence lifecycle, cyber intelligence practices, incident response, security assessments, security engineering and computer network defense.
* U.S. citizenship and ability to obtain and maintain Top Secret level security clearance.

The Federal Reserve Bank of San Francisco is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.

The Federal Reserve Bank of San Francisco is committed to a work environment that respects and fully values the strengths and differences of its people.