National IT Information Security Compliance - Summer Internship - Full-time / Part-time

The mission of the Federal Reserve System is to foster the stability, integrity, and efficiency of the nation’s monetary, financial, and payments systems to promote optimal economic performance. Within this broad context the vital mission of the National IT Services is to deliver superior value to our customers through world-class IT services and solutions that are responsive to business needs, adaptive to change, and essential to the mission of the Federal Reserve System.

National IT is seeking candidates for its Summer Intern program. This program provides an opportunity to collaborate with a talented and dedicated team of information technology and support professionals.

Job Summary:

Under direct supervision assists in the technical design, development, implementation, and support of the organizations computing environment. Provides focus and direction on one or more moderately complex projects to ensure goals and objectives are accomplished within prescribed time frame and within budgeted expenses allocated. Role may represent a cross section of functional and support areas.

• Principal Duties and Responsibilities:

Provides coordination, consultation, and leadership support for all of the IS Risk & Compliance department's compliance related activities and programs (NIST-800-53/SAFR compliance, COSO control testing) and is responsible for ensuring that all associated requirements are met.


Analyze activities and requirements associated with the execution of the SAFR Risk Management Process to determine overall system compliance and security posture of the Federal Reserve.


Assists in the coordination of activities with FRS information security professionals to understand local compliance practices.


Assist in the determination/recommendation of appropriate security or control measures.


Assist leadership with the coordination of audit engagements for numerous internal and external audit engagements, ensures that management responses are completed on time and that findings are tracked and remediated on schedule.


Performs other incidental duties as required.

Education/Experience:

Currently pursuing a Bachelor's Degree in Computer Science, Information Systems, or Engineering strongly desired. A GPA of 3.0 or higher is strongly desired. Courses related to risk identification and management, information systems, cybersecurity governance, risk, and compliance is desired.

Position Requirements:

Working level knowledge preferred of risk and compliance management frameworks, practices and processes and information security standards and practices such as NIST 800, COSO, ISO 9001, ISO 2700.


Knowledge of technical areas (e.g., operating systems, network, middleware, database, security, contingency, day-to-day operations, etc.)


Knowledge of project management principles, advanced problem resolution skills; relationship management skills.


Produces and maintains the information and tools necessary to support IS compliance efforts.


Basic understanding of IT organizations and operations and the ability to interpret and communicate interdependencies as they relate to end-to-end IT processes.

Skills required:

Desire and ability to learn the business of IT (overall view of IT) and information security and project management. Strong ability to solve problems by considering available information, prioritizing and making timely decisions; and to draws logical conclusions. Entry skill level in areas of analysis, statistics, organization, innovation, and creativity. Entry level oral and written communication skills to gather and translate, interpret and illustrate data, present reports, and interact with all levels of FRIT/System management, technical staff, and vendors. Entry level skills in coordinating/facilitating and in resolving conflicts desired. Respond to change in a positive manner.

• Other/Additional Requirements:

This position works under close supervision and guidance in planning details of established procedures and methods to attain definite objectives. It has responsibility for planning and performance with guidance or assistance on professional aspects of work. Subject matter handled can be sensitive and requires use of discretion. Occasional interaction with senior level National IT management to present report on project status. Has frequent contact with assigned mentor to discuss assignments/project and to determine resources and report status. Has frequent contacts with other Reserve System staff/management during project related work and group meetings. May assist managers on System level groups. Contacts require use of persuasion, effective responsiveness, professional presentation, diplomacy and tact. Follows established methods and clear-cut policy with supervision. Most work can be performed while seated.

U.S. Citizenship is required.

Candidate should review the FRB Employee Code of Conduct to ensure compliance with issues related to previous employment and prohibited financial interests. The Code is available on the About Us, Careers webpage at www.richmondfed.org

• Denotes essential duties and/or any physical requirements required to perform essential duties for the role.

The deadline to apply for this opening is October, 27, 2017.