Cyber Security Engineer Principal

Federal Reserve System

Boston | Full-time | Mid Level | On-site

Job Description

Overview

Federal Reserve Bank of Boston – Federal Reserve Financial Services (FRFS) delivers a suite of payments services to financial institutions via FedLine® Solutions, Fedwire® Funds and Securities, the National Settlement Service (NSS), FedCash®, FedACH®, Check Services, and the FedNow® Service. FRFS operates as an integrated organization with groups dedicated to customer experience, operations, technology, product and customer/industry management, enterprise services, payments system improvement, and ongoing growth of the FedNow instant payment service. The FRFS Enterprise focuses on speed, resilience, and unified customer experience, and strives to create career growth opportunities for FRFS staff.

The position will be primarily on-site with residency commutable to one of our offices required. This position is responsible for helping to ensure the security and integrity of the FedNow organization across people, operations, and technology. The individual will directly support security engineering and operations and provide cybersecurity expertise through consultation and hands-on technical activities.

Responsibilities

Develop code to automate security frameworks into functional, secure infrastructure and deploy security tooling using automation as a foundation. Design and execute point-in-time security tests, automated or manual, against cloud workloads. DevSecOps integration – enable automated static and dynamic API security checks using CI/CD tools.

Enforce governance gates during key lifecycle phases (e.g., Design, Validate, Publish). Partner with application, security, and platform teams to embed security into API design, development, and deployment. Contribute to security architecture reviews, threat modeling, and technical design discussions.

Define, configure, and enforce API gateway policies for authentication, authorization, encryption, and traffic-management controls. Monitor traffic and collaborate with security and engineering teams on incident response and remediation. Represent a technologist’s point of view in selecting tooling and solutions.

Proven ability to collaborate, build relationships, and influence direct and indirect team members in a matrix-management environment. Present and debrief cybersecurity findings, risk posture, and control effectiveness to leadership and management audiences, translating technical security data into clear, actionable insights to support informed decision-making; actively seek to remove barriers and improve security across the program. Document technical solutions developed and the supporting processes.

Identify and address root causes of issues, focusing on solving problem categories rather than individual instances; engage early and comprehensively.

Qualifications / Expertise

5+ years of experience in an object-oriented language (Python, Java, or Go preferred). Experience working in a DevSecOps software development environment. 5+ years of experience in Cyber Security, with a focus on API gateway engineering. 5+ years of Cloud Native experience (AWS preferred).

Strong understanding of API Security, OWASP API Top 10, secure API design principles. Exposure to API gateway security tools (runtime protection, discovery, or posture management). Proficiency in working with Infrastructure as Code (e.g., Terraform, Pulumi).

Proven experience building and securing CI/CD pipelines (GitHub, GitLab CI, Jenkins, etc.). Proficiency with container technologies (Docker, Kubernetes) and their security implications. Expertise with Cloud IAM configuration/policies, container orchestration/testing.

Lead and execute cyber incident response activities with a focus on senior-level responsibilities. Strong communication skills with the ability to influence at all levels of the organization; ability to simplify complex security topics for consumption and decision making.

Logistics and Requirements

The ability to obtain security clearance.

Be able to support on-call and work-rotation activities. Relevant certifications (e.g., CISSP, CISM, GIAC, AWS, AZURE). Federal Reserve System candidates will remain employed at current Federal Reserve Bank but report into the FedNow team via cross-district arrangement.

The salary range for this position is $170,200 - $212,700 - $255,200. The Boston Fed believes in salary transparency. The final salary and offer will be determined by the applicant’s background, skills, internal equity, and alignment with market data.

Whether you’re developing into the job or are a more seasoned candidate, we aim to pay competitively. All employees assigned to this position will be subject to FBI fingerprint/criminal background and Patriot Act/OFAC watch list checks at least once every five years. The above statements describe the general nature and level of work required and are not intended to be an exhaustive list of duties, responsibilities, or skills.

Management reserves the right to revise this description at any time.

Other details

Full Time / Regular
Job Exempt (Yes / No): Yes
Job Category: Information Technology Family Group
Work Shift: First (United States of America)

Always verify and apply to jobs on Federal Reserve System Careers or verified Federal Reserve Bank social media channels.

Posted 1 week ago
