Director Cyber Security Python Jobs in Boston, MA

Job Summary:
The Federal Reserve Bank of Boston is seeking a Cyber Security Engineer Principal to ensure the security and integrity of the FedNow organization across people, operations, and technology. This role involves supporting security engineering and operations, providing cybersecurity expertise, and collaborating with various teams to embed security into API design and deployment.
Responsibilities:
• Develop code to automate security frameworks into functional, secure infrastructure and deploy security tooling using automation as a foundation.
• Design and execute point-in-time security tests, automated or manually, against cloud workloads.
• DevSecOps integration – enable automate static and dynamic API security checks using CI/CD tools. Enforce governance gates during key lifecycle phases (eg. Design, Validate, Publish)
• Partner with application, security, and platform teams to embed security into API design, development, and deployment.
• Contribute to security architecture reviews, threat modeling, and technical design discussions
• Define, configure, and enforce API gateway policies for authentication, authorization, encryption, and traffic-management controls
• Monitor traffic and collaborate with security and engineering teams on incident response and remediation
• Represent a technologist’s point of view in selecting tooling and solutions.
• Proven ability to collaborate, build relationships and influence direct & in-direct team members in a matrix-management environment.
• Present and debrief cybersecurity findings, risk posture, and control effectiveness to leadership and management audiences, translating technical security data into clear, actionable insights to support informed decision-making. Actively seek to remove barriers and improve security across the program.
• Document technical solutions developed and the supporting processes.
• Identify and address the root causes of issues, focusing on solving problem categories rather than individual instances. Engage early and comprehensively.
Qualifications:
Required:
• Programming Languages relevant to web and API development such as Python, Java, GO is required
• Experience security testing cloud workloads.
• Strong understanding of web service protocols, REST principles, and client-server architecture is necessary
• Strong understanding of API defense strategies and ability to implement
• Foundational understanding of logging and monitoring tools to detect anomalies and respond to incidents in real-time
• Strong attention to detail and creative problem-solving are essential for navigating complex security challenges
• Ability to effectively communicate risks and solutions to both technical and non-technical stakeholders
• Collaborating effectively within a team, including developers, platform architects, and project managers in a multi-district environment
• 5+ years of experience in an object-oriented language (Python, Java, or Go preferably)
• Experience working in a DevSecOps software development environment
• 5+ years of experience in Cyber Security, with a focus on API gateway engineering
• 5+ years of Cloud Native experience (AWS preferred)
• Strong understanding of API Security, OWASP API Top 10, secure API design principles
• Exposure to API gateway security tools (runtime protection, discovery, or posture mgmt.)
• Proficiency in working with Infrastructure as Code (i.e Terraform, Pulumi)
• Proven experience building and securing CI/CD pipelines (GitHub, GitLab CI, Jenkins, etc.)
• Proficiency with container technologies (Docker, Kubernetes) and their security implications
• Expertise with Cloud IAM configuration/policies, container orchestration/testing
• Lead and execute cyber incident response activities, including detection, analysis, containment, eradication, and recovery with a focus on senior-level responsibilities.
• Strong communication skills with ability to influence at all levels of the organization; ability to simplify complex security topics for consumption and critical decision making
• The ability to obtain security clearance
• Be able to support on-call and work-rotation activities
• Relevant certifications (e.g., CISSP, CISM, GIAC, AWS, AZURE).
Company:
Federal Reserve Bank of Boston promotes sound growth and financial stability in New England and the nation. Founded in 1914, the company is headquartered in Boston, USA, with a team of 1001-5000 employees. The company is currently Late Stage.