Careers

 

FS-ISAC - Position Openings

Information Security Manager, FS-ISAC

​Sales Administrative Associate, FS-ISAC

Cyber Threat Intelligence Analyst, GRF

Full job descriptions of the positions listed above are available following the position openings section. To apply, please send a cover letter and resume to HR@fsisac.com with the position's title listed in the subject line.

 


 

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Position: Information Security Manager

Job Status: Full Time                                                         FLSA Status: Exempt

Reports To: Mid-Level Management                                Travel Required: 10 - 20%

Work Schedule: Mon - Fri: 40 hours                                 Positions Supervised: TBD

Firm: New Hire

 

POSITION SUMMARY

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is a non-profit corporation that was established in 1999 and is funded by its member firms.  The FS-ISAC is a member-driven organization whose mission is to help assure the resilience and continuity of the global financial services infrastructure and individual firms against acts that could significantly impact the sector’s ability to provide services critical to the orderly function of the global economy.  The FS-ISAC shares threat and vulnerability information, conducts coordinated contingency planning exercises, manages rapid response communications for both cyber and physical events, conducts education and training programs, and fosters collaborations with and among other key sectors and government agencies.

As one of the premier ISAC’s, the FS-ISAC has a history of innovation and delivering valuable products and services to our members to help achieve our mission.  To ensure our members are continuously aware and prepared for today’s threats and tomorrow’s challenges, the FS-ISAC is seeking an Information Security Manager to manage the FS-ISAC security program.

 

JOB DESCRIPTION

The position of Information Security Manager is responsible for establishing the security strategy and the overall risk posture of the organization through the development of a comprehensive risk management program. This program is appropriate for the risk appetite of the organization focusing on the confidentiality, integrity, and availability of the organization and membership's information assets. The manager will work with the sales and marketing departments to enable membership sales opportunities and executive-level member engagement through thought leadership and relationship building.
This position reports directly to the Chief Information Risk Officer and will support the CIRO in communicating with the Board of Directors Security & Risk Committee.

 

RESPONSIBILITIES

Establish and maintain a global cyber risk and security program driven by established information protection and physical security policies. Collaborate with internal stakeholders to develop processes and procedures to carry out the intended goals of the policies.

Responsible for the development and management of a robust security program responsible for security operations, administration of logical and physical access, monitoring of threats against the organization and membership, vulnerability management, intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, and event logging/correlation.

Responsible for the continuity of business/disaster recovery program of the organization working closely with the Director of IT and Director of Business Resiliency to facilitate.

Having advanced knowledge of the global threat landscape, the incumbent will also shape the direction of the Intelligence program integrating threat information compiled from disparate sources with data available from email distro lists, vendor feeds, and commercial products to maintain existing intelligence products as well as enabling the creation of new product capabilities.

Be a global strategic thinker who knows how to integrate people and process with procedure while always executing on the broader mission.

Superb interpersonal skills to manage a highly diverse and global staff working in a fast-paced and dynamic environment.

Align with priorities and mission of the Chief Operating Officer, CIRO, & VP, Information Technology to ensure security is "baked in" to all operational functions of the organization.

Partner closely with the head of Sales & Marketing and Chief Product & Innovation Officer to enable sales opportunities by providing expertise in security to potential members typically at the C-Suite level.

 

DESIRED SKILLS AND EXPERIENCE
 

  • Strategic thinking, thought leadership, strong presentation skills.
  • Certification with ISSEP/CISSP, CISM, GSEC, etc.
  • Outsourcing management experience.
  • Strong working knowledge of global threat landscape from both a physical and cyber perspective.
  • 10+ years of experience leading a global cyber security program.
  • Ability to forge and maintain strong relationships with various government agency officials, membership leadership, and vendor executives.
  • Exceptional ability to manage resources and priorities across multiple time zones and countries; Multi-cultural knowledge a plus.
  • Previous law enforcement or inter-agency experience preferred.

 
ADDITIONAL INFORMATION

  • An equitable compensation package will be provided commensurate to work experience & job requirements.
  • Ability to obtain a Clearance from US government partner agency a plus.
  • The FS-ISAC offers a comprehensive benefits package including paid time off, medical, and dental benefits paid for by the employer, annual bonuses, 401k plan with company match and others.
     

REQUIRED EXPERIENCE

  • Cyber Security, Threat Intelligence, Vulnerability Management, Business Continuity, Security Operations, Security Architecture and Design, Identity & Access Management, Risk Management, Compliance & Audits, Business Enablement: +15 years.

 
REQUIRED EDUCATION

  • Bachelor's Degree in Computer Science, Business, Engineering, or related field.  
  • Master's degree or equivalent work experience preferred.


LOCATION

This position will be based in our Reston, VA global headquarters.

 


 

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Position: Sales Administrative Associate

Job Status: Full Time                                                         FLSA Status: Non-Exempt

Reports To: Alyssa Shaffer, Sales & Marketing Mgr       Travel Required: Likely none

Work Schedule: Mon - Fri: 40 hours                                 

Firm: New Hire

 

POSITION SUMMARY

The Financial Services Information Sharing and Analysis Center (FS-ISAC), was created by and for members and operates as a member-owned non-profit entity. FS-ISAC provides vital information to the financial services sector to assist financial firms in protecting their critical infrastructure assets and confidential information. The Sales Administrative Assistant is part of the team responsible for revenue generation and growth at FS-ISAC and reports into the SVP of Sales and Marketing. This position is characterized by strong communication, research and project management skills. The Sales Administrative Assistant is responsible for navigating multiple databases and ensuring data integrity always.

 

ESSENTIAL FUNCTIONS


Provide administrative support for new financial institution membership, Affiliate Partnerships, and provide project management support for the additional Affiliate Partner Products. Responsible for scheduling sales calls, opening conference line and taking notes for follow and next steps, as needed.

Email follow up/next steps to sales calls and campaigns that generate new revenue from members and vendors.

Working with Sales team to ensure timely follow on agreements, executing and responsible for POC form process.

Researching and identifying new contacts using LinkedIn, member and sponsor referrals, and other search engine tools.

Utilizing Hoovers plus other data sources to evaluate new inbound small tier membership applications, follow-up with details to join.

Utilizing data sources to vet and evaluate new inbound inquires;

Work closely with Sales Rep to vet, evaluate and follow up with new inbound small tier FI membership leads.

Respond and assist with new inbound Affiliate Partner inquiries, work closely with Sales Associate.

Respond and assist with new inbound Sponsorship/Summit inquiries, work closely with Sales Manager pre and post Summit.

Participate in pipeline calls to review progress.

Send action items out to internal team members.

Provide administrative support to SVP of Sales & Marketing and Department Manager including travel coordination, call scheduling, etc.

Ability to interact successfully via phone and email with senior executives.

Manage sales and marketing databases by:
Documenting all sales conversations in Salesforce.

Entering data and cleaning prospect data utilizing Salesforce, Hoovers and other systems.

Performing list pulls, reports and dashboard usage in Salesforce.com.

Preparing reports by collecting and analyzing information.

Understanding procedural or data integrity pains and address with potential solutions.

Perform other assignments as needed.

 

POSITION QUALIFICATIONS

Competency Statement(s).  To perform the job successfully, an individual should demonstrate the following competencies:

Analytical - Collects and researches data; uses intuition and experience to complement data.

Business Acumen - Understands business implications of activities; exhibits interest in learning business cultures from around the world

Interpersonal skills - Effectively interacts with individuals with variety of backgrounds and experience.

Oral Communication - Speaks clearly and persuasively in positive or negative situations; listens and gets clarification.  

Organizational Support - Follows established policies and procedures; completes administrative tasks correctly and on time; supports organization's goals and values.  

Planning and Organizing - Prioritizes tasks and activities effectively; handles multiple tasks simultaneously; ability to plan, coordinate and implement activities.

Problem Solving - Independently identifies potential problems; effectively communicates issues; offers problem solving input.

Professionalism – Self-motivated; responsible and disciplined; demonstrates a strong team orientation. 

Quality Management -  Is detail-oriented; consistently turns in high-quality work without close supervision.

Written Communication - Writes clearly and informatively; able to edit and write documents.

 

EDUCATION

  • Associates or Bachelors’ degree in Business Administration or related field.  

 

EXPERIENCE

  • Minimum of three years database management, sales admin/customer service support
  • Knowledge of financial industry a plus

 

TECHNOLOGY APPLICATIONS AND PLATFORMS 

  • Experience in Marketing or Sales database administration.
  • Familiar with Sales Force, Docusign, LinkedIn, Pardot, Skype and the ability to move around in a portal.
  • Proficient in MS Office applications including One Drive, Outlook, Word, Excel and PowerPoint.

 


 

Global Resilience Federation (GRF)

Position: Cyber Threat Intelligence Analyst

Job Status: Full Time                                                         FLSA Status: Exempt

Reports To: TBD                                                              Travel Required: None

Work Schedule: Mon - Fri: 40 hours                                 Positions Location: Reston, VA

Firm: New Hire

 

POSITION SUMMARY

The mission of the Global Resilience Federation (GRF) is to help assure the resilience and continuity of vital infrastructure and individual organizations against threats and acts that could significantly impact individual organizations and various sectors’ ability to provide services critical to the orderly functioning of the global economy. GRF is a non-profit spin-off from the Financial Services Information Sharing and Analysis Center (FS-ISAC) that provides support and technology to ISACs, ISAOs, and other communities around the world, with co-located analysts supporting individual communities and participating in cross-sector sharing and collaboration. 

The mission of the Global Resilience Federation (GRF) is to help assure the resilience and continuity of vital infrastructure and individual organizations against threats and acts that could significantly impact individual organizations and various sectors’ ability to provide services critical to the orderly functioning of the global economy. GRF is a non-profit spin-off from the Financial Services Information Sharing and Analysis Center (FS-ISAC) that provides support and technology to ISACs, ISAOs, and other communities around the world, with co-located analysts supporting individual communities and participating in cross-sector sharing and collaboration.  

 

Job Description

GRF is seeking an individual to serve as a Cyber Threat Intelligence Analyst. The primary focus of the Cyber Threat Intelligence Analyst is to support the oil and gas critical infrastructure and member of that sector.

 

Responsibilities

Monitor external, internal, and open source feeds for relevant cyber threats, incidents, and/or cyber activity that may have an impact on the oil and gas sector and/or relevant sectors and assets.  

Stay up to date on commodity/opportunistic malware and threats and targeted malware variants and threats.

Analyze indicators, observables, and incidents that are submitted by clients/members to create actionable intelligence reports with mitigation recommendations and in-depth analysis.

Conduct briefings and host meetings on threat actors, threats, malware variants, TTPs, and APTs to clients/members.

Produce predictive and reactive cyber threat intel reports on new or updated cyber threats, new TTPs, campaigns (phishing/spear phishing/watering hole).

Correlate activity found on internal/external feeds and with what companies and members within critical infrastructure sectors are seeing or may see. 

Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. 

Proactively look for cyber threats via open feeds, internal feeds, VirusTotal, Hybrid-Analysis, or similar sources. 

 

DESIRED SKILLS AND EXPERIENCE

  • Understanding of cyber kill chain model (or intrusion kill chain), diamond model, and ACH.
  • Great writing and communication skills.
  • Experience with ThreatConnect and ThreatStream.
  • Ability to analyze network packet captures (PCAPs), IP addresses, triage binaries and files, and incidents. 
  • Understanding of certain threat actors, correlate cyber and geopolitical activity, and produce tailored intel reports. 
  • Basic Cybersecurity Certifcations (Security+, CEH, GCIH, etc.)

 

Required Education:

  • 3 – 5 years of relevant experience; previous experience in either a SOC, intelligence or cyber threat intelligence.
  • SANS/GIAC Certification in one of the following: GREM, GCTI, GCIA, or GPEN or a similar certification.
  • Understand malware analysis or familiar with reverse engineering.
  • Ability to write and understand YARA and SNORT rules.

 

The GRF offers a comprehensive benefits package including paid time off, medical and dental benefits paid for by the employer, annual bonuses, 401k plan with company match and others.