Cybersecurity Risk Senior Analyst

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it’s at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Are you passionate about cybersecurity and technical risk? At Freddie Mac, we offer a career that allows you to do rewarding work with newest technologies, while growing your cybersecurity and risk management skillsets!

Our Impact:

As part of Freddie Mac’s Enterprise Risk (ER) Division, the Technology Risk Management Team provides 2nd Line of Defense oversight of the company’s Cybersecurity and Identity Access Management (IAM) efforts.

We are looking for a team member who can join us in supporting the development, validation and monitoring of cyber security capabilities.

Your Impact:

By bringing your expertise and skills to our team, you will be able to impact the development and execution of the oversight efforts and provide support for the core functions within ER.

Your responsibilities will fall into two primary categories:

Cybersecurity and IAM Risk Management

• Enhance and mature Risk Management practices by supporting the development of enterprise-wide cybersecurity policies and standards

• Provide oversight and advisory services to 1st line partners regarding the application of standard requirements across a wide variety of technologies to manage risk.

• Support the development and execution of controls to monitor cybersecurity compliance and drive organizational change

• Develop effective and measurable metrics (KRI, KPI and KCI) to analyze data and proactively identify trends or new/emerging risks

• Execute risk analytics and reporting

• Provide advisory consultation to lines of businesses and make course of action recommendations to manage risk

Leadership/Oversight

• Effectively challenge our 1st line of defense technology teams while collaborating with the 3rd line of defense and internal 2nd line partners.
• Collaborate with key risk areas, business partners, and IT counterparts to design action plans to address Cybersecurity and IAM risk
• Autonomously lead program execution with documented project plans, expectations and schedule
• Provide status reports, escalation and impediment resolution when needed
• Support the Director in leading and managing the team

Qualifications:

• Bachelor’s Degree or equivalent experience

• 5+ years of relevant experience

• Some industry leading Certifications preferred: CISSP, CISA, CRISC, CISM, CEH, and/or CIPT

• Prior experience in IT Operational Risk Management methodologies and principles, previous big four experience preferred

• Minimum of 5 years+ working in and/or auditing IT security areas such as penetration testing, operations, threat intelligence, monitoring, vulnerability management or security engineering in large enterprises.

• Knowledge of cloud migration, security and access management experience preferred

• Demonstrates proficiencies and comfortable working in the previously stated cybersecurity domains.

• Working knowledge of industry security standards and guidance such as NIST or ISO

• Capable of working independently and within a collaborative team environment

• Must demonstrate the ability to deliver effective verbal, written and interpersonal communication skills.

Keys to Success in this Role:

• Ability to think broadly but also be detail-oriented

• Ability to understand and work with a diverse group of stakeholders within all lines of defense

• Direct experience with IT, privacy data and management practices/processes

• Self-motivated, pro-active and results driven problem solver with the capability to managing multiple priorities without heavy supervision

• Ability to think analytically to develop solutions in an ambiguous and fast paced environment

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Mac’s business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants:  Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full time

FLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $111,000 - $167,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.