FEDERAL HOME LOAN BANKS OFFICE OF FINANCE 

POSITION DESCRIPTION

SUMMARY OF POSITION

The Senior Security Engineer will design, install, configure, and maintain a set of security tools and serve as the Subject Matter Expertise (SME) for those security tools.  The Senior Security Engineer will be focused on Application security and ensure that OF applications and services are secured, implemented with security best practices, and build monitoring capabilities. The person will collaborate with other IT teams in building secure applications and services. 

We’re proud of the way our teammates have a positive impact on everything we do. Our employees are committed to and exemplify our Core Values:

• Integrity through accountability, consistency, transparency and trust
• Agility through adaptability, continuous improvement, expertise, and flexibility
• Partnership through collaboration, communication, leadership, and teamwork
• Inclusivity through diversity, relationships, respect, and support

PRINCIPAL RESPONSIBILITIES

• Develop and maintain software application security policies and procedures
• Implement software application security controls
• Partner with DevOps in developing a secure CICD pipeline
• Design and implement web application firewall (WAF) capabilities, to protect traditional web applications and APIs
• Identify application security vulnerabilities and issues, perform risk assessments and provide mitigations
• Develop security monitoring for applications, endpoints and network
• Conduct technical investigations of application security incidents 
• Interface with senior stakeholders across the IT leadership team to proactively interpret risks and priorities.
• Support the OF’s diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners.
• Assist with other job duties as assigned.

PRINCIPAL JOB REQUIREMENTS 

• A minimum of 6 to 8 years of experience in designing, implementing and operating web application firewalls
• Hands-on experience with web application security, including OWASP Top 10 vulnerabilities 
• Hands-on experience with API security, container security and hardening container platform
• Hands-on experience with conducting web application security scans, vulnerability assessments and/or penetration testing
• Experience in investigating problems and processes within established methodologies and best practices.
• Experience working with Authentication and Authorization services like OAuth and OpenID
• Experience in operating on-prem or cloud-based security platforms
• Ability to troubleshoot, communicate and resolve network related issues
• Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively.
• Bachelor’s Degree in Information Security or Computer Science or Computer/Electrical Engineering, and/or equivalent field experience. 
• Proof of eligibility to work in the United States.

EQUAL EMPLOYMENT OPPORTUNITY 

The Federal Home Loan Banks Office of Finance is committed to equal employment opportunity without regard to race (including traits historically associated with race, such as hair texture, hair type and protective hairstyles), color, religion, sex, pregnancy (including childbirth, lactation, and related medical conditions), national origin or ancestry, age, physical or mental disability, veteran status, uniformed service member status, military status, sexual orientation, gender identity, status as a parent, marital status, genetic information (including testing and characteristics), citizenship status, or any other characteristic protected by applicable federal, state, or local law.