Freddie Mac Cyber Security Sr in Reston, Virginia
Reston, VA 3
Full Time/Part Time:
This Information Security (IS) Senior role will be part of the Security Assurance group in the Information Technology Division. Information Security engages with multiple risk, compliance, business area management, technology owners and external stakeholders. This position will provide timely and quality service to ensure that IS vulnerabilities are adequately identified and communicated.
• Perform Vulnerability and Threat Assessments (VTAs) on Freddie Mac applications and tools per Freddie Mac’s Information Security Framework
• Document identified Information Security vulnerabilities to incorporate relevance and impact to Freddie Mac systems, infrastructure and business processes
• Understand and communicate how vulnerabilities can be exploited within technology and the Freddie Mac environment in a manner that resonates with the business areas
• Provide remediation recommendations and/or recommend alternate solutions to resolve vulnerabilities
• Assist in identifying and communicating application control deficiencies and the associated impact.
• Provide security consulting and advisory services to business units and project teams.
• Develop and maintain relationships with internal and external customers
• Research and maintain knowledge base regarding information security issues, solutions and potential implications for Freddie Mac.
• Support requirements gathering and design efforts of critical projects and process improvement efforts as needed.
• Define and report Security metrics
• Effectively communicate orally and in writing conclusions and recommendations in a clear, technically sound manner.
• Provide quality control reviews and guidance to junior staff members
• Other duties as assigned
Work Location Zip Code:
• Minimum 5 years of hands-on technology risk, security and/or governance experience.
• Minimum Bachelor’s degree in Information Systems or related field or an equivalent combination of education and experience.
• CISSP, CISA, CISM or equivalent designation.
• Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800 series, COBIT, etc.)
• Solid understanding of network security, OSI model, and information security architecture.
• Demonstrated knowledge in penetration testing, vulnerability scanning, DAST and SAST tools and techniques.
• Ability to analyze vulnerabilities and determine the overall security health of a system
• Excellent written and communication skills.
• Excellent analytical and problem solving skills
• Demonstrated organizational skills with respect to time management and work production
• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
• Proficiency in Microsoft Office Products (Word, Excel, PowerPoint)
Work Location City:
Senior Cyber Risk Analyst - Cyber Security
Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.
Work Location State:
Information Technology (IT)