Cyber Security Engineer Principal

Federal Reserve Bank of Boston Federal Reserve Financial Services (FRFS) delivers a suite of payments services to financial institutions via FedLine, Fedwire, National Settlement Service (NSS), FedCash, FedACH, Check Services, and the FedNow Service. FRFS operates as a fully integrated organization with groups dedicated to customer experience, operations, technology, product and industry management, enterprise services, and payments system improvement. The organization focuses on the growth and development of the FedNow instant payment service, providing speed, resilience, and choice to FRFS customers across the United States.

The position will be primarily on‑site with residency commutable to one of the Federal Reserve Bank offices. This role is responsible for helping to ensure the security and integrity of the FedNow organization across people, operations, and technology. The individual will directly support security engineering and operations and provide cybersecurity expertise through consultation and hands‑on technical activities.

Desired Qualifications Programming languages relevant to web and API development such as Python, Java, or Go are required. Experience testing security of cloud workloads. Strong understanding of web service protocols, REST principles, and client‑server architecture.

Strong understanding of API defense strategies and ability to implement them. Foundational understanding of logging and monitoring tools to detect anomalies and respond to incidents in real time. Strong attention to detail and creative problem‑solving skills.

Ability to effectively communicate risks and solutions to both technical and non‑technical stakeholders. Collaboration skills within a team that includes developers, platform architects, and project managers in a multi‑district environment. What will be expected of you Develop code to automate security frameworks into functional, secure infrastructure and deploy security tooling using automation as a foundation.

Design and execute point‑in‑time security tests, automated or manually, against cloud workloads. Integrate DevSecOps by enabling automated static and dynamic API security checks using CI/CD tools and enforce governance gates during key lifecycle phases (e.g., Design, Validate, Publish). Partner with application, security, and platform teams to embed security into API design, development, and deployment.

Contribute to security architecture reviews, threat modeling, and technical design discussions. Define, configure, and enforce API gateway policies for authentication, authorization, encryption, and traffic management controls. Monitor traffic and collaborate with security and engineering teams on incident response and remediation.

Represent a technologist’s point of view in selecting tooling and solutions. Build relationships and influence team members in a matrix‑management environment. Present and debrief cybersecurity findings, risk posture, and control effectiveness to leadership, translating technical security data into clear, actionable insights.

Document technical solutions and supporting processes. Identify and address root causes of issues, focusing on solving problem categories rather than individual instances. Expertise you would bring 5+ years of experience in an object‑oriented language (Python, Java, or Go preferably).

Experience working in a DevSecOps software development environment. 5+ years of experience in Cyber Security, focusing on API gateway engineering. 5+ years of Cloud Native experience (AWS preferred). Strong understanding of API Security, OWASP API Top 10, and secure API design principles. Exposure to API gateway security tools (runtime protection, discovery, or posture management).

Proficiency in working with Infrastructure as Code (IaC) (e.g., Terraform, Pulumi). Proven experience building and securing CI/CD pipelines (GitHub, GitLab CI, Jenkins, etc.). Proficiency with container technologies (Docker, Kubernetes) and their security implications.

Expertise with Cloud IAM configuration/policies, container orchestration/testing. Lead and execute cyber incident response activities, including detection, analysis, containment, eradication, and recovery at a senior level. Strong communication skills with the ability to influence at all levels of the organization and simplify complex security topics.

Logistics and Requirements Ability to obtain security clearance. Availability to support on‑call and work‑rotation activities. Relevant certifications (e.g., CISSP, CISM, GIAC, AWS, Azure).

Federal Reserve System candidates will remain employed at their current Federal Reserve Bank but report into the FedNow team via cross‑district arrangement. Salary range: $170,200 – $212,700 – $255,200. All employees assigned to this position will be subject to FBI fingerprint/ criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch‑list checks at least once every five years.

The above statements are intended to describe the general nature and level of work required of this position and are not an exhaustive list of all duties, responsibilities or skills associated with it. Management reserves the right to revise this job description at its discretion. The Federal Reserve System is committed to a diverse and inclusive workplace and to provide equal employment opportunities to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service. #J-18808-Ljbffr