Careers

 

FS-ISAC - Position Openings

​Intelligence Analyst, Public Private Partnership, FS-ISAC

Information Security Manager, FS-ISAC

Events Project Manager, FS-ISAC

Sr. Physical Security Analyst, GRF

Full job descriptions of the positions listed above are available following the position openings section. To apply, please send a cover letter and resume to HR@fsisac.com with the positions title listed in the subject line.

 

FSARC - Position Openings

​Intelligence Analyst

Full job descriptions of the positions listed above are available following the position openings section. To apply, please send a cover letter and resume to fsarc-hr@fsisac.com with the position title listed in the subject line. 

 


 

Financial Systemic Analysis and Resilience Center (FSARC)

Position: Intelligence Analyst

Job Status: Full Time                                                         FLSA Status: Exempt

Reports To: Intelligence Coordinator                                 Travel Required: Occasional

Work Schedule: Mon - Fri: 40 hours                                 Positions Supervised: None

Office Location: Arlington, Virginia                                    Type : New Hire

Capability/Team:  Intelligence                                           

Clearance:  Minimum Secret required

 

POSITION SUMMARY

The FSARC seeks a highly motivated and cross-disciplinary analyst to join its intelligence team, offering a rare opportunity to meaningfully contribute to the genesis of an organization driving a new paradigm in collaborative cyber intelligence analysis and security. This is a demanding position that requires a candidate with proven cyber intelligence and analysis skills and demonstrated success in supporting high-impact teams in a fast-paced, high-visibility environment. The FSARC’s mission is to proactively identify, analyze, assess and coordinate activities to mitigate systemic risk to the U.S. financial system from current and emerging cyber security threats through focused operations and enhanced collaboration between participating firms, industry partners, and the U.S. Government 

In 2016, the CEOs of eight banks – Bank of America, BNY Mellon, Citigroup, Goldman Sachs, JPMorgan Chase, Morgan Stanley, State Street and Wells Fargo – came together to proactively identify ways to enhance the resilience of the critical infrastructure underpinning much of the U.S. financial system. The result is the creation of the FSARC. The FSARC combines the expertise of participating firms’ cyber security and threat intelligence teams with that of its government partners, including the Department of Treasury, the Department of Homeland Security and the Federal Bureau of Investigation. As a result, the collective pipeline of intelligence produced deepens the analysis of identified threats and reduces systemic risk across critical financial operations.

 

ESSENTIAL FUNCTIONS


Leverage prior successes in intelligence analysis, cyber operations, and geopolitical forecasting to contribute to the collective economic and national security of the United States.

Use analytic acumen and critical thinking skills to produce timely, actionable, and informative analysis regarding threat actor activity and indications of systemic cyber threats to the financial sector for delivery to C-Suite executives and senior government officials.

Aggregate, process, and analyze information from a wide variety of public and non-public sources while closely collaborating with other FSARC teams, member firms, and U.S. Government partners to deliver strategic intelligence reports that convey analytic judgments on cyber threat activity targeting the financial sector.

Advance a broader and deeper understanding of both state and non-state cyber threat actors, and their associated capabilities and intentions.

Accurately perform trending analysis and scenario forecasting at both the operational and strategic levels.

Substantively contribute to the FSARC’s advancement through relevant experiential and subject matter expertise that support the Center’s mission.

Attend regular and routine meetings in the Washington, DC area.

 

REQUIRED QUALIFICATIONS

 

At least 5-7 years of demonstrated success in cyber-related intelligence and analysis.

Minimum undergraduate degree in Intelligence Studies, International Affairs, Cyber Security, Computer Science, Political Science, Economics, or other related discipline with a strong academic record.

Superb research, writing, and analysis skills.

Deep knowledge of the cyber threat landscape, particularly as it relates to the financial services industry, as well as other critical infrastructure sectors.

Thorough understanding of Internet technologies, lexicon, and common cyber threat issues.

Proven success in authoring and delivering analytic products based on often incomplete information with the ability to cogently express complex technical and non-technical topics both verbally and in writing.

Demonstrated experience in critical and strategic thinking.

Strong collaboration and problem-solving skills with the ability to work independently and as part of a team.

Firm commitment to confidentiality and discretion.

Experience in building professional presentations and delivering briefings to executive or government leadership.

Self-starter with a high degree of initiative and personal accountability.

Ability to use standard office software applications.

U.S. Citizen.

 

DESIRED QUALIFICATIONS

 

  • Master’s Degree in a relevant discipline
  • Prior military or intelligence community experience
  • Country/region subject matter expertise
  • Advanced language skills in Arabic, Farsi, Mandarin Chinese, or Russian
  • Knowledge of U.S. Government organization and functions
  • Understanding of risk management and assessment processes
  • Prior financial sector employment
  • Scripting/programming experience in common languages (e.g. Perl, Python, Ruby)

 

WORK ENVIRONMENT


This position is performed in an office work environment with physical demands associated with that environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

 


 

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Position: Intelligence Analyst, Public Private Partnership

Job Status: Full Time                                                                       FLSA Status: Exempt

Reports To: Intelligence Officer, Public Private Partnership          Travel Required: N/A

Work Schedule: Mon - Fri: 40 hours                                               Positions Supervised: N/A

Firm: New Hire

 

POSITION SUMMARY

The FS-ISAC is seeking an individual to work with Critical Infrastructure Partners to validate information and assessments for all 16 sectors. This position will serve as a liaison for the National Cybersecurity and Communications Integration Center (NCCIC).
 
 

ESSENTIAL FUNCTIONS

Contribute to joint products and reports, as necessary.
 
Coordinate intelligence and activities with the SOC and FS-ISAC Intelligence Team.
 
Create IC IIRs with private sector information for IC awareness.  
 
Develop and maintain direct, classified interactions with IC and LE partners both in person and over classified channels.
 
Develop and maintain relationships with government and private sector organizations represented at the NCCIC. (FBI, USSS, DHS I&A, US CERT, ICS CERT, Cyber Command, NTOC, Sector ISACs, CISCP).
 
Fill intelligence gaps.
 
Help facilitate situational awareness for DHS leadership.
 
Maintain production metrics.
 
Review/assess classified intelligence for financial sector context and potential impact.
 
Staff seat during certain exercises and other situations as appropriate.
 
Support activities relating to sector RFIs and RFAs.
 
Where relevant intelligence is identified, work with partners and intelligence originators to declassify and share relevant and actionable intelligence to the impacted members and broader membership if appropriate.
 
 

POSITION QUALIFICATIONS

 

Competency Statement(s). To perform the job successfully, an individual should demonstrate the following competencies:
 
Analytical Skills – Has strong analytical and investigative skills to synthesize raw data, determine sector specific impact from findings, and present findings clearly and concisely.
 
Communication Skills - Demonstrates effective oral and written communications skills, with the ability to write focused situation reports and briefings quickly, accurately and without substantial supervision or editing.
 
Interpersonal Skills - Has effective interpersonal skills, able to interact with individuals from a variety of levels within the private and public sectors.
 
 
Education
  • Bachelor’s degree in a technical field
 
Technology Platforms
  • Familiarity with cyber security technology, techniques and practices.
  • Familiar with standard office software MSWord, Excel, PowerPoint, SharePoint, and Access.
 
Certifications
  • One or more relevant certifications, such as CEH, CISSP, Network+, Security+ or similar.
 
Background and Experience
  • Three (3) to five (5) years of experience in cyber security analysis.
  • Familiarity with U.S. cyber security programs and supporting organizations, including law enforcement agencies and associations.
 
Security Clearance
  • Current or inactive US SECRET security clearance, or the ability to obtain same.
 
WORK ENVIRONMENT
 
This position is performed in an office work environment with physical demands associated with that environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
 
 

 

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Position: Information Security Manager

Job Status: Full Time                                                         FLSA Status: Exempt

Reports To: Mid-Level Management                                Travel Required: 10 - 20%

Work Schedule: Mon - Fri: 40 hours                                 Positions Supervised: TBD

Firm: New Hire

 

POSITION SUMMARY

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is a non-profit corporation that was established in 1999 and is funded by its member firms.  The FS-ISAC is a member-driven organization whose mission is to help assure the resilience and continuity of the global financial services infrastructure and individual firms against acts that could significantly impact the sector’s ability to provide services critical to the orderly function of the global economy.  The FS-ISAC shares threat and vulnerability information, conducts coordinated contingency planning exercises, manages rapid response communications for both cyber and physical events, conducts education and training programs, and fosters collaborations with and among other key sectors and government agencies.

As one of the premier ISAC’s, the FS-ISAC has a history of innovation and delivering valuable products and services to our members to help achieve our mission.  To ensure our members are continuously aware and prepared for today’s threats and tomorrow’s challenges, the FS-ISAC is seeking an Information Security Manager to manage the FS-ISAC security program.

 

JOB DESCRIPTION

The position of Information Security Manager is responsible for establishing the security strategy and the overall risk posture of the organization through the development of a comprehensive risk management program. This program is appropriate for the risk appetite of the organization focusing on the confidentiality, integrity, and availability of the organization and membership's information assets. The manager will work with the sales and marketing departments to enable membership sales opportunities and executive-level member engagement through thought leadership and relationship building.
This position reports directly to the Chief Information Risk Officer and will support the CIRO in communicating with the Board of Directors Security & Risk Committee.

 

RESPONSIBILITIES

Establish and maintain a global cyber risk and security program driven by established information protection and physical security policies. Collaborate with internal stakeholders to develop processes and procedures to carry out the intended goals of the policies.

Responsible for the development and management of a robust security program responsible for security operations, administration of logical and physical access, monitoring of threats against the organization and membership, vulnerability management, intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, and event logging/correlation.

Responsible for the continuity of business/disaster recovery program of the organization working closely with the Director of IT and Director of Business Resiliency to facilitate.

Having advanced knowledge of the global threat landscape, the incumbent will also shape the direction of the Intelligence program integrating threat information compiled from disparate sources with data available from email distro lists, vendor feeds, and commercial products to maintain existing intelligence products as well as enabling the creation of new product capabilities.

Be a global strategic thinker who knows how to integrate people and process with procedure while always executing on the broader mission.

Superb interpersonal skills to manage a highly diverse and global staff working in a fast-paced and dynamic environment.

Align with priorities and mission of the Chief Operating Officer, CIRO, & VP, Information Technology to ensure security is "baked in" to all operational functions of the organization.

Partner closely with the head of Sales & Marketing and Chief Product & Innovation Officer to enable sales opportunities by providing expertise in security to potential members typically at the C-Suite level.

 

DESIRED SKILLS AND EXPERIENCE
 

  • Strategic thinking, thought leadership, strong presentation skills.
  • Certification with ISSEP/CISSP, CISM, GSEC, etc.
  • Outsourcing management experience.
  • Strong working knowledge of global threat landscape from both a physical and cyber perspective.
  • 10+ years of experience leading a global cyber security program.
  • Ability to forge and maintain strong relationships with various government agency officials, membership leadership, and vendor executives.
  • Exceptional ability to manage resources and priorities across multiple time zones and countries; Multi-cultural knowledge a plus.
  • Previous law enforcement or inter-agency experience preferred.

 
ADDITIONAL INFORMATION

  • An equitable compensation package will be provided commensurate to work experience & job requirements.
  • Ability to obtain a Clearance from US government partner agency a plus.
  • The FS-ISAC offers a comprehensive benefits package including paid time off, medical, and dental benefits paid for by the employer, annual bonuses, 401k plan with company match and others.
     

REQUIRED EXPERIENCE

  • Cyber Security, Threat Intelligence, Vulnerability Management, Business Continuity, Security Operations, Security Architecture and Design, Identity & Access Management, Risk Management, Compliance & Audits, Business Enablement: +15 years.

 
REQUIRED EDUCATION

  • Bachelor's Degree in Computer Science, Business, Engineering, or related field.  
  • Master's degree or equivalent work experience preferred.


LOCATION

This position will be based in our Reston, VA global headquarters.

 


 

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Position: Events Project Manager

Job Status: Full Time                                                                  FLSA Status: Exempt

Reports To: Shannon Cooper, Director Meetings and Events   Travel Required: Some Travel

Work Schedule: Mon - Fri: 40 hours                                         Positions Supervised: N/A

Firm: New Hire

 

POSITION SUMMARY


FS-ISAC hosts 4 Annual Trade Show Conferences (Summits) ranging in size from 300 - 1400 pax along with monthly member meetings, council meetings, webinars and other events. 

The Events Project Manager position will report directly to the Director of Meetings and Events and will be responsible for logistical support and overall coordination on all FS-ISAC events. Primary focus will be on the newly launched webinar program however other responsibilities include but are not limited to: membership meetings, Summits and Sector Services events. This position requires a self-directed individual who can work independently but is team oriented, organized, excels in project management and can multi-task while keeping a strong attention to detail. Ability to think and react quickly in a high-pressure environment required. 

 

JOB DESCRIPTION

Serve as project lead and coordinate closely with sales, marketing and content leads ensuring all deadlines are met.

Manage all aspects of event planning process from initial site selection to execution for member meetings and additional organization events. 

Coordinate logistical aspects of virtual and in-person events, including but not limited to registrations, agenda development, accommodations, transportation, catering, signage, budgeting and forecasting.

Negotiate and liaison with 3rd party vendors such as hotels, facilities, speaker’s bureaus, print houses, audio-visual, drayage and event security.

Conduct site visits as necessary for event locations, prepare RFPs for event services, oversee negotiations, execution and participate in the decision-making and recommendation process.

Develop and maintain operations/marketing timelines, event website and registration forms, agenda, budgets, weekly reports and other event specific data for virtual and in-person events.

Document and continuously improve procedures for all events while leveraging best practices and processes. 

Assist in the development of sponsorship opportunities and increasing revenue/cutting costs while developing new and innovative opportunities.

Perform final review, proofing and approval on all printed and digital event materials.

Act as onsite production manager for all aspects of events. 

Conduct and report on pre/post event evaluations and report on outcomes.

Perform other assignments as needed.

 

POSITION QUALIFICATIONS

Project Management - Capability to manage multiple projects simultaneously. Ability to make sure that the scope and direction of each project is on schedule, as well as other departments for support. Strong ability to plan, budget, oversee and document all aspects of the specific project you are working on.

Time Management - Strong ability to multi task and work under tight deadlines.

Interpersonal skills - Effectively interacts with individuals with variety of backgrounds and experience.

Calm Under Pressure - Ability to maintain calm during crisis and high pressure of an event in progress.

Oral Communication - Speaks clearly in positive or negative situations; listens and gets clarification.  

Problem Solving – Independently identifies potential problems; effectively communicates issues; offers problem solving input.

Professionalism - Self-motivated; responsible and disciplined; strong team orientation. 

Quality Management -  Is detail-oriented; submits high-quality work consistently without close supervision.

Negotiation Skills – Well versed in negotiation strategies and able to work out prices and agreements with vendors.

Written Communication – Writes clearly and informatively; able to edit and proof documents.

 

EDUCATION

  • Bachelor's Degree in Event Planning, Project/Business Management, Hospitality, Public Relations, Communications or related field. Equivalent work experience accepted.

 

EXPERIENCE

  • Minimum 3-5 year’s event planning or project management field experience required. CMP certification preferred.

 

TECHNOLOGY APPLICATIONS AND PLATFORMS

  • Experience in Marketing and Event Planning database administration
  • Knowledgeable in CMS systems, survey tools, form generation, project management systems and membership portal
  • Proficient in MS Office applications including One Drive, Outlook, Word, Excel and PowerPoint

 


 

Global Resilience Federation (GRF)

Position: Sr. Physical Security Analyst

Job Status: Full Time                                                         FLSA Status: Exempt

Reports To:TBD                                                                Travel Required: N/A

Work Schedule: Mon - Fri: 40 hours                                 Positions Supervised: N/A

Firm: New Hire

 

POSITION SUMMARY

The FS-ISAC is seeking an individual to serve as a Facility Security Officer / Senior Physical Security Analyst with primary focus on physical threats, geo-political environments, and NISPOM Compliance and management experience. As an Facility Security Officer (FSO) the candidate will be instrumental in leading the organizational facilities clearance process (as a non-possessing facility) with the Defense Security Service (DSS) and ensuring the company’s adherence to policies, practices, and procedures of the National Industrial Security Program Operating Manual (NISPOM) and applicable systems, along with providing subject matter expertise to the corporate security program in physical security. In addition to the responsibilities noted below, the candidate shall be utilized to support other GRF requirements and special programs.

 

The successful candidate will be responsible for:

Assist in synthetizing real-time and historical information, including information to create clear, concise, and actionable physical intelligence from multiple sources.

Developing in-depth knowledge of sector assets, activities and constituents to provide meaningful critical information support and develop best practices.

Support training of members/personnel through various means of instruction.

Developing expertise in physical threat identification, mitigation, and analysis for intelligence purposes.

Monitoring and analyzing real-time and historical information by conducting extensive research from various sources on a daily basis.

Support relationships with government agencies and other critical infrastructure sectors.

Able to make independent judgments and use discretion, and has the ability to identify facility related issues. 

Perform independent analysis and able to resolve security-related matters or challenges. 

Support collaborative efforts to draft and distribute analysis products on a recurring basis and conduct in-depth analysis of threats and incidents that affect the sector assigned.

Gather sector-specific related intelligence information from multiple sources to support the creation of an internal database to identify physical threat actor(s) tactics, techniques, and procedures (TTPs).

Manage the organizational clearance process, including but not limited to submitting all required documents to eFCL to achieve an organizational clearance, maintaining ACE’s active security clearance, and keeping leadership abreast of ongoing efforts, status, and risks.

Lead Facility Security Clearance by complying with government requirements to include maintaining the company’s Facility Security Clearance (FSL) records such as DD Form 441, SF-328, SF-86 and KPM List.

Develop and maintain an active fingerprint locations listing that meets DSS electronic transmission requirements.

Support staff with the security clearance process within eQUIP. Debrief staff and manage all aspects of the clearance termination process.

Develop a Standard Operating Procedure (SOP) for implementation of the NISPOM and physical security, as applicable.

Manage compliance with all aspects of the NISPOM.

Maintain personnel security records and data in accordance with the requirements NISPOM.

Provide oversight of the processing of new security clearances including tracking within JPAS (Joint Personnel Adjudication System).

Create a security education, training, briefing and awareness program specific to classified initiatives.

Interpret security policies; develop and implement security plans and procedures for compliance.

Conduct periodic self-inspections on the security posture of the company to determine performance and cost effectiveness. Advise management of any deficiencies or concerns and make recommendations for corrective actions as appropriate.

Ensure that subordinate business entities requiring access to classified information have a valid clearance at the proper level, and organizational appropriate agreements with the government.

Communicate security procedures to employees and subordinate business entities.

Work with staff to plan, coordinate, set priorities and provide guidance on projects or processes related to physical security and NISPOM initiatives. 

Manage physical security analysis support operations to multiple critical infrastructure sectors in identification, response, and recommended mitigations of physical threats and hazards.


Key Skills, Qualities and Experience

The successful candidate will:

Be self-motivated, responsible and disciplined, able to work as part of a team, handle multiple tasks simultaneously and consistently turn in high-quality work.

Be able to think critically and independently to identify potential threats to the sector, to research the nature of the threats, and to effectively communicate information concerning the threats to a large and diverse audience.

Have effective oral and written communications skills, with the ability to write focused situation reports and briefings quickly, accurately and without substantial editing.

Have effective interpersonal skills, able to interact with individuals from a variety of levels within the private and public sectors.

Be familiar with standard office software platforms, including MSWord, Excel, PowerPoint, SharePoint, MS Access, etc.

Be familiar with, or willing to train on Wiki related platforms and learn webpage development.

 

Required Experience:

  • Physical Security Program Management (multi-disciplined): 10+ years
  • Familiarity with security technology, techniques and practices, writing policy and guidance in private or public sector organizations.
  • Experience in investigations, security operations and surveillance techniques, access control, contract security, and physical security vulnerability assessment.
  • Bachelor's degree in a related field (criminal justice, security management, intelligence), master’s preferred.

 

Desirable Background Experience

  • Background in critical infrastructure protection and security, intelligence and physical security programs; experience or knowledge in supporting organizations, including government, military, law enforcement agencies and associations.
  • Expertise in physical security, defense, industrial security, counterterrorism, and physical security assessments preferred.
  • Prior military intelligence experience a plus.
  • Experience managing NISPOM compliance programs.
  • Prior military intelligence or security experience a plus.
  • Industry certifications a plus.

 

Additional Information

  • Security Clearance Required
  • Salary and benefits based on experience
  • This position is required to work in our Reston, VA office fulltime, M-F.

 

The GRF offers a comprehensive benefits package including paid time off, medical and dental benefits paid for by the employer, annual bonuses, 401k plan with company match and others.