Fannie Mae Careers
Multifactor Authentication Engineer
- Conduct platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor
- Security Operations pager and respond to issues of potential viral activity, spam, phishing, etc.
- Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
- Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
- Confer and collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported.
- May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.
- Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports.
- Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks.
- May provide guidance to infrastructure or application staff participating in exercise.
- Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.
- Hands on experience with multifactor authentication protocols.
- Experienced on SSO concepts SAML, Radius, AAA and TACACS authorization protocols.
- Working knowledge of Active Directory/LDAP Management
- Identify security threats, risks and vulnerabilities, and develop mitigation plans
- Experience with Linux or other Embedded Systems is preferred
- Experience in python, ruby, bash, and perl scripting
- Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN, web proxy)
- Used network tools like wireshark to debug issues
- At least 3 years of enterprise or SaaS experience with administration, configuring and managing in Access management (identity management account management, LDAP and directory services, multifactor authentication, SSO and authentication)
- Knowledgeable of privileged account management, data loss protection, identity management account management, LDAP and directory services, multifactor authentication, and/or password vaulting technologies preferred
- Ability to explain vulnerabilities and weaknesses, and discuss effective defensive techniques to non-experts
Req ID: 54762