The Senior Information Security Risk Analyst is a key member of the Bank's independent security function and has responsibility for evaluation of the Bank's information security posture. The analyst works to ensure that the Bank is informed of its external threat environment, current good practice of information security, and the effectiveness of the Bank's information security control design. This position works with all business units in evaluating and identifying the Bank's security and technology risks. This position has regular interaction with key members of business unit management across the Bank and, after demonstration of the necessary skills, will participate and present in appropriate Bank committees. RESPONSIBILITIES: Support the Bank's annual Information Technology Risk and Controls Self Assessment (IT RCSA) and the update of Independent Security's view of the IT RCSA each quarter. Manage and expand continuous monitoring capabilities designed to measure changes to the Bank's threat environment and the effectiveness of the Bank's security controls. At least quarterly, analyze IT Security activities and provide a written report assessing the current effectiveness of the Bank's IT security program. Project manage penetration testing vendor engagements of the Bank and assist in assessing the risk of identified findings and defining remediation plans. These penetration tests include network, application, and physical tests. Monitor Bank projects throughout the Project Development Life Cycle (PDLC) to assure compliance with plans and provide input to decisions regarding risk management related projects or security modifications or enhancements to technology or operating systems environments. Contribute in other Operational Risk department programs such as events, change management requests, end user computing programs to ensure timely and accurate operational risk reporting. Evaluate and recommend updates to the Bank's security policy and supporting management policies and procedures considering the impact of regulatory compliance and implementation of industry best practices. Evaluate whether appropriate technical and administrative controls are in place and aligned with the Bank's business needs and strategic direction relative to all aspects of security and related compliance. Prepare and present relevant information about the Bank's security program. REQUIREMENTS: Minimally a bachelor's degree in information technology, computer science, information security or equivalent. Graduate degree preferred. Security certification is highly preferred (CISSP, SANS GSEC, etc.). 5-10 years of security or technology experience including security risk assessment. Strong written and verbal communication skills and the ability to translate technology and security risks into business vernacular. Experience with Amazon Web Services or similar IaaS preferred. Experience in a Windows Server environment. MS Office product knowledge (notably Outlook, Word, Excel, and Access). Tableau product experience or experience with other reporting packages preferred. Experience with auditing information security programs and/or penetration testing preferred.
The Federal Home Loan Bank of Chicago is a $72.0 billion wholesale bank and one of 11 district banks chartered in 1932 by the U.S. Congress to improve the availability of funds to support home ownership. The FHLB Chicago is a member-owned cooperative serving members in our district of Illinois and Wisconsin. All federally insured depository institutions, insurance companies engaged in residential ...housing finance, credit unions, and community development financial institutions located in our district are eligible to apply for membership. Today, the FHLB System, which is regulated by the Federal Housing Finance Agency, has more than 7,500 members.
The FHLB Chicago strives to be a valuable partner to our member financial institutions in Illinois and Wisconsin during all phases of financial and economic cycles. The mission of the Federal Home Loan Bank of Chicago is to partner with our member shareholders in Illinois and Wisconsin to provide them competitively priced funding, a reasonable return on their investment in the Bank, and support for community investment activities.
The Federal Home Loan Bank of Chicago is committed to diversity at all levels of our organization from the employees we hire to the programs, institutions, and businesses we support. Our goal is to recruit, hire, and develop talented staff and to offer a work environment that allows them to do their best work.