LISCC Governance and Controls - IT Sr. Risk Specialist
Federal Reserve Bank of San Francisco
Location: San Francisco, California
Type: Full Time
4 Year Degree
Internal Number: R-0000013471
While the SF Fed is a Reserve Bank, we’re not what you might expect. We’re unreserved here. That means we seek new and diverse perspectives. We spark conversations and encourage debate. We build opportunity. We pursue careers that are true to ourselves. We are looking for people who want to help our country reach its full economic potential. When you join the SF Fed, you join a team of people working together to promote an inclusive economy that works for everyone.
At the SF Fed, we believe in the diversity of our people, ideas, and experiences and are committed to building an inclusive culture that is representative of the communities we serve. The SF Fed is an Equal Opportunity Employer.
The Supervision + Credit (S+C) Division executes supervision programs that promote safety and soundness of supervised institutions and the financial stability of the U.S. economy. One of the four supervision programs that is executed by S+C is the Large Institution Supervision Coordinating Committee (LISCC) program. The LISCC program is the Federal Reserve’s national supervisory program for the largest and most systemic financial institutions. The program is executed by hundreds of staff supplied by multiple Reserve Banks and the Board of Governors working collaboratively to provide Federal Reserve System-wide and cross-disciplinary perspectives on the supervision of firms in the LISCC portfolio.
A core component of the LISCC program is the Governance and Controls (G&C) program. The Independent Risk Management and Controls pillar of the G&C program, which includes the Information Technology and Cybersecurity (IT) Team, facilitates consistent assessments of how well IT, cybersecurity and related risks are identified, measured, monitored, and controlled at each firm.
The Risk Specialist Team (RST) within S+C’s Risk, Policy and Analysis area includes individuals from the SF Fed who are members of the LISCC program. The RST is looking for a Senior Risk Specialist to join its LISCC IT Team and be a member of the national LISCC IT Team.
Do you have a passion for bank supervision, IT risk management, cybersecurity, and risk controls? If so, please read on!
Serve as a subject matter authority, leading or participating in horizontal and firm-specific LISCC examinations and conducting ongoing monitoring to determine the effectiveness of a firm’s IT and cybersecurity risk management program, gain firm peer perspective, and assess emerging IT-related risks. Recommend conclusions from data analysis for use by examination team leads or to be communicated to a broader audience of collaborators, including supervised institutions.
Analyze and interpret information and develop and test hypotheses to help estimate IT and cybersecurity risk and the potential impact to financial institutions and the financial services industry and contribute to the resolution of issues in supervised institutions.
Coordinate with System-level staff, the Board of Governors, the other regulatory agencies, and other team members to compare institutions across the LISCC portfolio through horizontal analyses, which may be used to evaluate changes in risk on a national scale and to develop knowledge of emerging risk concerns and trends.
Mentor and coach junior staff, including reviewing the work products of junior staff.
This position requires access to confidential supervisory information, which is limited to “Protected Individuals.” Protected Individuals include, but are not limited to, U.S. citizens and U.S. nationals, U.S. permanent residents who are not yet eligible to apply for naturalization, and U.S. permanent residents who have applied for naturalization within six months of being eligible to do so or who will sign a declaration of intent to apply for naturalization before they begin employment.
Bachelor’s degree in business, technology, or related fields of study. Advanced degree or professional certifications with an emphasis on IT, IS, and internal audit (e.g., CISA, CISSP, CIA, CCSP, CRISC, CISM), as well as an examiner commission, or actively working towards a commission, are a plus. We support ongoing training including the acquisition of certifications and examiner commission.
Typically, seven or more years of relevant experience in information security or technology risk management such as in banking supervision, a bank risk management function, IT audit or at a consulting firm; or an equivalent combination of education and experience.
Experience or knowledge of the banking industry and IT-related supervision and regulation framework is preferred.
Experience evaluating a variety of technology-related risks facing complex financial institutions, and the ability to identify prudent practices for managing those risks. Some preferred areas include vendor risk management, cybersecurity response and resilience, cloud security, data governance and security, endpoint and server technologies, intrusion detection and prevention systems, identify access management and access control, and threat vulnerability management.
Ability to read, interpret and analyze information and supervisory ratings and enforcement records applicable to IT and cybersecurity risks, as well as apply related Federal Reserve System rules and regulations is preferred.
Excellent verbal and written communication skills, ability to synthesize and present arguments, and distill complex information into a summary.
Ability to multi-task and prioritize projects, working collaboratively and cultivating good working relationships.
Some travel is required, depending on one’s assignments and location (up to 20%).
All employees must be fully vaccinated against COVID-19 or qualify for an accommodation from the Bank’s vaccination policy; the Bank will provide accommodations as required by law for individuals unable to be vaccinated due to medical condition or sincerely held religious belief.
We offer a wonderful benefits package including Medical, Dental, Vision, Pre-tax Flexible Spending Account, Backup Child Care Program, Pre-Tax Day Care Flexible Spending Account, Paid Family Care Leave, Vacation Days, Sick Days, Paid Holidays, Pet Insurance, Matching 401(k), and a Retirement / Pension.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
While the SF Fed is a Reserve Bank, we’re not what you might expect. We’re unreserved here. That means we seek new and diverse perspectives. We spark conversations and encourage debate. We build opportunity. We pursue careers that are true to ourselves, from economists and cash processors to bank supervisors and cloud engineers. When you join the SF Fed, you join a team of people working together to promote an inclusive economy that works for everyone. If that’s the kind of impact you’d like to make with your everyday work, find your next career opportunity here.