Vice President Cyber Analytics and Compliance

  • 20 May 2019 4:09 PM
    Message # 7352354
    James Walters (Administrator)

    Federal Reserve Bank of Richmond   

    $195,800 - $306,000 a year

    Job Sensitivity Tier III - Secret

    Vice President Cyber Analytics and Compliance

    Requisition #- 259050


    The mission of the Federal Reserve System (FRS) is to foster the stability, integrity, and efficiency of the nation’s monetary, financial, and payments systems to promote optimal economic performance. Within this broad context the vital mission of National IT (NIT) is to deliver superior value to our customers through world-class IT services and solutions that are responsive to business needs, adaptive to change, and essential to the mission of the FRS.


    Vice President (VP) officers provide strategic direction and develop operating plans to achieve goals and objectives for one or more functional areas within a division. VPs support and execute major programs and System-wide initiatives. Decisions made by VPs have a major impact on FRIT/System or on a very large segment of the organization. VPs ensure performance supports the overall mission. VPs typically are recognized as a mid-senior executive level position that requires capabilities, experiences and skills commensurate with leading a large, complex IT organization.

    Job Summary


    The VP for Cyber Analytics and Compliance reports to the System Chief Information Security Officer (CISO) and is responsible for directing and managing Cyber Analytics, Compliance and Vulnerability Management activities for the Federal Reserve. The VP is responsible for the delivery of high quality, risk-based and cost-effective information security services, programs and projects to meet the evolving and diverse needs of a broad customer base/business partners.

    The preferred location for the Vice President Cyber Analytics and Compliance is Richmond, VA, followed by Dallas, TX and East Rutherford, NJ.


    Essential Duties & Responsibilities

    • Develops and maintains broad ranged strategic plans, internal processes, and staff capabilities to support business needs and ensure customer commitments are met for service quality and cost efficiency. Provides broad perspective and thought leadership to develop and implement key strategies and critical business priorities at an organizational and System level.
    • Leads and directs the function(s) and develops effective plans that clearly demonstrate effective management and efficiency. Develops and leads an effective, cohesive and creative team. Prioritizes, supports, and executes FRS critical objectives. Ensures effective processes, communications, training and employee development to maintain the operational integrity and performance of department(s), including appropriate exercise and control of key processes. Ensures on-going analysis and measurements are in place to identify opportunities for improvement and further commit resources to improve performance levels and achieve success. Ensures budgeting and forecasting assumptions are sound and reasonable and manages compliance to budget.
    • Develops trust-based relationships with customers to fully understand their service needs, new technology, and/or infrastructure affordability. Ensures commitment to a disciplined service level management process framework that enables continuous improvements in quality, cost efficiency, employee engagement, and customer satisfaction.
    • Partners with senior IT and business leaders regarding policies and procedures, and provides counsel in functional area. Acts as a corporate advocate for best practices. Represents FRIT on System’s leadership groups. Keeps System management community apprised of FRIT activities and drives FRIT issues requiring System level attention and involvement.
    • Encourages and promotes culture of creativity, innovation, and continuous improvement. Recognizes and advocates for ideas that hold the greatest potential for improving effectiveness, efficiency, and business values.
    • Communicates effectively across a wide group of people, including but not limited to: FRB Richmond’s Board, senior leaders, the FRIT Management Council, the Information Technology Oversight Committee (ITOC), Conference of First Vice Presidents, Board of Governors Staff, internal and external auditors, vendors, committees and workgroups across the System, FRIT managers and staff. Clearly articulates ideas with specific insights and recommendations given as appropriate.

    Performs other duties as required. Follows all Federal Reserve policies and procedures, and consistently demonstrates sound judgment.


    Functional Area & Responsibilities

    • Lead efforts to collect, correlate and fuse disparate data to provide a real-time roll-up of accurate enterprise risk posture.
    • Measures compliance with IS policies, controls and directives. Serves as the central point of collection, management, escalation and reporting of compliance with IS policies, controls and directives.
    • Develops processes, tools and technology to monitor compliance based on industry best practices. Aggregates and periodically reports the ‘state of IS compliance’ at the enterprise level.
    • Develops automated mechanisms to report on Cloud Service Provider status for items of concern such as vulnerability status, incident response interactions, forensic activities, integration of security logs into the Agency toolsets, etc.
    • Identify gaps in existing and proposed compliance monitoring capabilities and recommend changes or enhancements.
    • Develops data management strategy and serves as the Chief Data Officer for FRS IS data.
    • Maintains effective working relationships with peers and business partners and consistently communicates with key executives and stakeholders on successes, opportunities and challenges.
    • Create solutions that balance business requirements with information and cyber security requirements.
    • Embraces the System IT Principles, including risk-based security, to guide day-to-day decisions and strategic decision-making processes.

    Education & Experience

    • Bachelor’s degree in applicable discipline or the equivalent is required. Master’s degree preferred. ISC2 CISSP certification is preferred.
    • Five to seven years of leadership experience in progressively responsible roles in a demanding environment. Strong and inspirational leadership skills and ability to effectively manage high performing staff. A minimum of five years of experience with cyber analytics, compliance or vulnerability management teams on projects similar to the size, scope, and complexity of enterprise level environments.
    • A minimum of four years of experience developing, analyzing, reporting and enhancing IT security metrics.
    • A minimum of four years of experience in security policy and emerging cybersecurity technologies.
    • Understanding of FedRAMP requirements and cloud-based security controls.

    Knowledge & Skills


    Excellent communication skills, as well as outstanding presentation and persuasion capabilities, with exceptional management presence that elicits confidence and credibility. Ability to communicate effectively across a wide group of people and audiences.


    Demonstrated ability to lead a team, set priorities, formulate strategies, assess performance, and execute plans. Demonstrated competency in executing large projects. Ability to adjust to and gracefully deal with changing work requirements and priorities, demanding deadlines, operational crisis situations, as well as being able to keep pace with multiple concurrent initiatives.


    Able to effectively navigate and achieve results in a federated, multi-location, multi-divisional organizational structure. Ability to speak persuasively and with diplomacy, and effective in initiating conversations and communications necessary to resolve issues. Ability to effectively convey complex issues and communicate to a variety of audiences including technical staff, peers, as well as senior management, and oversight bodies.


    Able to deal effectively and decisively with organizational and personnel issues and to be a good listener and observer who can also exert influence. Demonstrated leadership ability with a proven record of successfully driving significant change. Ability to motivate, develop and lead a team of professional resources through a period of dynamic change and uncertain conditions. Ability to handle sensitive and confidential matters with the appropriate level of judgment, discretion, and maturity.


    Physical Requirements & Travel


    The physical requirements of this position consist of those typical to an office environment including, but not limited to, visual attention to a computer for extended periods of time, extended hours of sitting, and use of desktop automation tools. Occasional to frequent travel may be required, including overnight stays.


    Other Considerations

    • The Richmond, VA, 2019 hiring range is $195,800 – $244,800, annually.
    • The Richmond, VA, 2019 market range is $195,800 – $306,000, annually.
    • Candidate should review the FRB Employee Code of Conduct to ensure compliance with issues related to previous employment and prohibited financial interests. The Code is available on the About Us, Careers webpage at http://www.richmondfed.org.
    • The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. Citizenship is required.
    • The deadline to apply for this opening is May 31, 2019.

