Part-time Cyber security Jobs in Saint Paul, MN

Company

Federal Reserve Bank of BostonFederal Reserve Financial Services (FRFS) delivers a suite of payments services to financial institutions via FedLine® Solutions, Fedwire® Funds and Securities, the National Settlement Service (NSS), FedCash®1, FedACH®, Check Services, and the FedNow® Service. FRFS operates as a fully integrated organization with groups dedicated to customer experience, operations, technology, product and customer/industry management, enterprise services, payments system improvement, and one focused on the ongoing growth and development of the FedNow instant payment service. Our strategy defines our future direction, seeking to offer a fully integrated product suite that provides speed, resilience, and choice in meeting the payments needs of FRFS customers across the United States. Through our Enterprise structure, we strive to meet the needs of the marketplace for new products and services with speed and agility, seek to provide a robust and unified customer experience, and work to create career growth opportunities for FRFS staff.

The FRFS Enterprise operates with a customer-first mindset, comprised of team members seeking to do the best work of their careers in pursuit of our important central bank mission.

The position will be primarily on-site with residency commutable to one of our offices required.

This positionis responsible forhelping to ensure the security and integrity of theFedNoworganization across people, operations, and technology. This individual will directly support securityengineeringand operations. The individual will also be expected to provide cybersecurityexpertiseboth through consultation and hands-on technical activities.

Desired Qualifications

• Programming Languages relevant to web and API development such as Python, Java,GO isrequired

• Experience security testing cloud workloads.

• Strong understanding of web serviceprotocols,REST principles, and client-server architecture is necessary

• Strong understanding of APIdefense strategies and ability to implement

• Foundationalunderstanding of logging andmonitoring tools to detect anomalies and respond to incidents in real-time

• Strong attention to detail and creative problem-solvingare essential for navigating complex security challenges

• Abilityto effectively communicaterisks and solutions to both technical and non-technical stakeholders

• Collaboratingeffectivelywithin a team,includingdevelopers, platform architects, and project managers in a multi-district environment

What will be expected of you

• Develop code to automate securityframeworksinto functional, secure infrastructure and deploysecuritytoolingusing automationas a foundation.

• Design and execute point-in-time security tests, automated or manually, against cloud workloads.

• DevSecOpsintegration –enable automate static and dynamic API security checks using CI/CD tools. Enforce governance gates during key lifecycle phases (eg.Design,Validate, Publish)

• Partner with application, security, and platform teams to embed security into API design, development, and deployment.

• Contribute to security architecture reviews, threat modeling,and technical design discussions

• Define, configure, and enforce API gateway policies for authentication, authorization, encryption, and traffic-management controls

• Monitor traffic and collaborate withsecurityand engineering teams on incident response and remediation

• Represent a technologist’s point of view in selecting tooling and solutions.

• Proven ability to collaborate, build relationships and influence direct& in-directteam members in a matrix-management environment.

• Present and debrief cybersecurity findings, risk posture, and control effectiveness to leadership and management audiences, translating technical security data into clear, actionable insights to support informed decision-making.Activelyseek to remove barriers and improve security across the program.

• Documenttechnicalsolutions developed andthesupporting processes.

• Identifyand address the root causes of issues, focusing on solving problem categories rather than individual instances. Engage early and comprehensively.

Expertiseyou would bring

• 5+years of experience in an object-oriented language (Python, Java, or Go preferably)

• Experience working in aDevSecOpssoftware development environment

• 5+ years of experience in Cyber Security, with a focus on API gateway engineering

• 5+years of Cloud Native experience (AWS preferred)

• Strong understanding of API Security, OWASP API Top 10, secure API design principles

• Exposure to API gateway security tools (runtime protection, discovery, orposture mgmt.)

• Proficiencyin working with Infrastructure as Code (i.eTerraform,Pulumi)

• Proven experience building and securing CI/CD pipelines(GitHub, GitLab CI, Jenkins, etc.)

• Proficiencywith container technologies (Docker, Kubernetes) and their security implications

• Expertisewith Cloud IAMconfiguration/policies,containerorchestration/testing

• Lead and execute cyber incident response activities, including detection, analysis, containment, eradication, and recoverywith a focus on senior-levelresponsibilities.

• Strong communicationskills with ability to influence at all levels of the organization; ability to simplify complex security topics for consumption and critical decision making

Logistics and Requirements

• The ability to obtainsecurityclearance

• Be able to support on-call andwork-rotation activities

• Relevant certifications (e.g., CISSP, CISM, GIAC, AWS, AZURE).

• Federal Reserve System candidates will remain employed at current Federal Reserve Bank, but report into theFedNowteam via cross-district arrangement.

The salary range for this position is $170,200 - $212,700 - $255,200. The Boston Fed believes in salary transparency. The final salary and offer will be determined by the applicant’s background, skills, internal equity, and alignment with market data. Whether you’re developing into the job or are a more seasoned candidate, we aim to pay competitively.

All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years.The above statements are intended to describe the general nature and level of work required of this position. They are not intended to be an exhaustive list of all duties, responsibilities or skills associated with this position or thepersonnelclassified. While this job description is intended to bean accuratereflection of this position, management reserves the right to revise this or any job description at its discretion at any time.

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Information Technology Family Group

Work Shift

First (United States of America)

Always verify and apply to jobs on Federal Reserve System Careers () or through verified Federal Reserve Bank social media channels.