Hiring During COVID-19: Fannie Mae is hiring for all open positions as we deliver on our mission of providing stability, liquidity, and affordability to the housing market during this critical time. All interviews and onboarding are conducted virtually. We look forward to connecting with you.

IAM Principal

Job Description


Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.

Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.


The Principal role in InfoSec serves as lead or technical expert to define and maintain the identity and access management (IAM) frameworks, authorization and authentication patterns, processes, standards and guidelines related to systems, business or data architecture. They align approaches with the broader IAM vision. The Principal is a thought leader, setting strategic direction for InfoSec IAM decisions and providing guidance to IT Enterprise, Data, and Business Architecture, Network Engineering, and Cloud Engineering. They will partner with business stewards to define performance metrics for target access frameworks, including entitlements, permissions and provisioning, and will promote and educate stakeholders on the use and value of optimized tools and processes. They will also provide technical IAM subject matter expertise to the various development teams, including communicating architectural decisions and mentoring other technical staff around the various development technologies and decisions.


They will conduct studies of new technologies to provide more efficient and cost-effective IAM solutions. Work products may include: enterprise IAM patterns for InfoSec, developmental trainings for InfoSec and other parts of Fannie Mae, and research & development related to InfoSec tools and methodologies (introduction of new technologies and products to protect the enterprise). This IAM Principal will provide technical leadership and strategy around Identity, Credential and Access Management (ICAM) for Fannie Mae and customers, pattern development, and security architecture, design, and engineering for Cloud Security and Compliance (Public and Private).



  • Provide technical and security expertise to IT, InfoSec, and business teams to identify security technology solutions and develop security technology and reference architectures and strategies to achieve business results.
  • Build and maintain good relationships with business teams and across InfoSec.
  • Serve as a key contributor to InfoSec Identity and Access Management and cloud strategy, communicate objectives, and ensure InfoSec and Fannie Mae teams conform to established standards, policies and guidelines.
  • Provide IAM guidance, technological recommendations and transition strategies that support the development and implementation of new applications.
  • Oversee the creation, maintenance and enforcement of the current and target state IAM blueprint, transitional architectures and roadmaps.
  • Champion IAM vision and roadmaps for the suite of capabilities within strategic initiatives and lead reuse, buy and build decisions.
  • Provide technical IAM subject matter expertise, at the highest level of complexity, to other InfoSec team members and technology resources assigned to projects.
  • Act as a trusted technology partner and key contributor for business and technology teams.
  • Serve as lead and technical expert on assigned SDLC projects, pre-SDLC initiatives (RFI, RFP) and technology selection.
  • Participate in developing an IAM resource strategy, operating model and resource plans to ensure effective and sustainable IAM function and ensure effective resource coverage.
  • Provide thought leadership and strategic solutions while driving IAM recommendations. Share that strategic thinking with the team and guide them as needed in delivering solutions that align to the strategy.
  • Work within the team to develop and mentor others on IAM architecture, design and implementation standards, guidelines, and industry best practices.
  • Report to senior management on implications of trends, risk, strategy, and regulatory requirements affecting InfoSec.
  • Provide expert-level AWS solution IAM architecture and automation, building security into the Continuous Integration/Continuous Delivery (CI/CD) pipeline.
  • Collaborate with business leaders to determine how to best use technology to enable their growth and success.
  • Balance strategic and tactical needs without compromising the business-technology alignment and roadmap.
  • Keep abreast of relevant market trends/best practices and maintain strong industry relationships outside the company.


  • Bachelor’s degree or equivalent (Required) and Master’s or other advanced degree (Preferred) in Computer Science or Information Systems
  • IT security certifications: CISSP, CCNA, CISA, or GIAC equivalent (desired); AWS Certified Solutions Architect – Professional (desired)

  • 10+ years of relevant experience

  • Expertise with identity lifecycle management-related concepts and processes
  • Expertise with server operating systems (Linux, Windows), RDBMS / SQL, and web app container technologies (Tomcat, JBoss, WebLogic)
  • Expertise in developing APIs and web services (RESTful/SOAP)
  • Expertise with Privileged Access Management and privileged access password management (PAPM) tools
  • Experience with access management in AWS, including AWS IAM, policy design & configuration, and process automation
  • Experience with Java development
  • Experience with identity governance platforms such as SailPoint Identity IQ, Okta or similar tools
  • Experience scripting/automation using PowerShell, VBScript, Python, or Bash
  • Experience in Agile development
  • Experience in identity provisioning and federation technologies and standards (SAML, LDAP, SSL, SPML, SCIM)
  • Knowledge of web servers (IIS, WebLogic, Tomcat), load balancers and network traffic management
  • Working knowledge of two of the following platforms: UNIX, AIX, IBM Mainframe tools like ACF2 or RACF
  • Working knowledge of general security principles (PKI, PKCS, OCSP)
  • Understanding of authentication, MFA and authorization tools and technologies
  • Understanding of secure software development practices (AppSec)
  • Understanding of monitoring tools such as Splunk, and SIEM platforms like QRadar
  • Understanding of DevOps, Robotic Process Automation (RPA), Continuous Integration and Continuous Delivery (CI/CD)
  • Exposure to user behavior analytics (UEBA), security analytics and next-gen adaptive access processes & technology


As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation.

Fannie Mae is an Equal Opportunity Employer.

Req ID: 58802