Hiring During COVID-19: Fannie Mae is hiring for all open positions as we deliver on our mission of providing stability, liquidity, and affordability to the housing market during this critical time. All interviews and onboarding are conducted virtually. We look forward to connecting with you. Learn more

Senior Technology Risk Analyst

Job Description

THE COMPANY


Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.


Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.


JOB INFORMATION


Under the supervision of integrated technology risk management Directors, this senior level analyst will serve as a risk lead to coordinate, communicate, and drive governance, risk management activities, and project management across Fannie Mae’s second-line of defense Data, Technology, Cybersecurity, and Resiliency (DTCR) Risk Management program.  You will provide effective oversight and challenge of risk management activities. As a risk lead, you will be responsible for cross-functional technology-related initiatives for risk oversight, identification, assessment, and monitoring. 

KEY JOB FUNCTIONS

  • Serve as a liaison, collaborating and interfacing with risk partners and other second-line enterprise risk management functions to drive meaningful technology-risk reductions and escalation of risks, as needed. Partner with second-line risk management functions to help ensure proper execution of established frameworks, policies, standards, strategies (including risk appetite, RCSA).
  • Comprehensively assess risks and gather insights from issues and events across technology business areas to provide an aggregated risk assessment.
  • Design, implement, and/or influence internal governance processes (includes reporting, issue management, policy/standard review, risk identification, risk assessments, and risk monitoring).
  • Facilitates/oversees and provides the capabilities/ tools by which the risk owner identifies new, top, emerging, or changing risks stemming from business activities or external events, including Risk and Control Self-Assessments (RCSA), risk opinions for Key Business Decisions (KBD) related to initiatives which may introduce heightened risk , and Top Risk Identification in accordance with policies and standards.
  • Where required by internal policies or external agencies, develop documentation of reports. This also includes developing, contributing to, and monitoring metrics and reporting (e.g., management reporting, internal reporting, etc.).
  • Confer with first-line management and risk partners to assess technology capabilities, analyzing processes, and risk exposure to drive the implementation of appropriate risk management controls.
  • Review technology and risk management processes; examine documentation and flow to identify ways to improve and streamline processes.
  • Assist in presentations and workshop sessions on risk management activities, process analysis, risk identification, assessment, control, and mitigation.
#LI-KW1

EDUCATION

 

  • Bachelor degree or equivalent

 

MINIMUM EXPERIENCE

 

  • 6+ years of related experience

 

SPECIALIZED KNOWLEDGE & SKILLS

 

  • Experienced in risk management laws, rules, regulations, frameworks, processes, policies and standards, e.g. NIST, FHFA Advisory Bulletins, FFIEC IT Examination Handbook
  • 5+ years of Operational Risk management or 1st line technology delivery experience in one or more of the following domains: data, cyber security, application development and operations, infrastructure, cloud, resiliency, work place safety
  • Professional certifications within risk management and/or assurance and integrated technology risk management domain (e.g., Certified Risk Management Professional, Certified Internal Auditor Certified Information Security Manager, Certified Information Systems Security Professional, Certified Data Management Professional, Certified Business Continuity Auditor)
  • Ability to identify and communicate areas of non-compliance, coordinate remediation plans, and assess timely remediation of identified gaps.

 

EMPLOYMENT


As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation.


Fannie Mae is an Equal Opportunity Employer.


Req ID: 59102