Hiring During COVID-19: Fannie Mae is hiring for all open positions as we deliver on our mission of providing stability, liquidity, and affordability to the housing market during this critical time. All interviews and onboarding are conducted virtually. We look forward to connecting with you. Learn more

Lead, Business Resiliency & Workplace Safety Risk Oversight

Job Description


Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.

Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.


Under the integrated technology function within Risk Management, the Lead, Business Resiliency & Workplace Safety Risk Oversight will coordinate, communicate, and support governance, risk management activities, and project management across Fannie Mae?s second-line of defense Data, Technology, Cybersecurity, and Resiliency (DTCR) Risk Management program. The incumbent will provide effective oversight and challenge of risk management activities and be responsible for cross-functional technology-related initiatives for risk oversight, identification, assessment, and monitoring.

  • Maintain and assist with implementing an effective Business Resiliency & Workplace Safety risk management framework. Leverage knowledge of the mortgage industry, mortgage product types and mortgage securitization to ensure effective management of risk associated with Business Resiliency & Workplace Safety
  • Actively identify, assess, respond and escalate risks associated with Business Resiliency & Workplace Safety as appropriate. Identify gaps and inform solutions identified resulting from inadequate internal processes, systems or human errors associated with Business Resiliency & Workplace Safety
  • Understand, adhere to and bolster Business Resiliency & Workplace Safety risk governance across first-line activities including the implementation of the three lines of defense model. Inform policies, standards and procedures for Business Resiliency & Workplace Safety to maximize efficiency and minimize risk exposure
  • Directly confer with business unit staff by scoping business problems, analyzing processes, risk exposure and sharing lessons learned. Identify problem drivers and reinforce operational procedures with appropriate internal controls. Facilitate project and risk management-related activities that provide horizontal support across the Data, Technology, Cyber, and Resiliency (DTCR) risk domains
  • Collaborates and interfaces with risk partners and other second-line enterprise risk management functions to drive meaningful technology-risk reductions and escalation of risks, as needed. Partner with second-line risk management functions to help ensure proper execution of established frameworks, policies, standards, strategies (including risk appetite, RCSA).
  • Comprehensively assess risks and gather insights from issues and events across technology business areas to provide an aggregated risk assessment. Assist with design and implementation of internal governance processes (includes reporting, issue management, policy/standard review, risk identification, risk assessments, and risk monitoring).
  • Facilitates use of tools by which Business Resiliency & Workplace Safety risk owners identify new, top, emerging, or changing risks stemming from business activities or external events. Tools include Risk and Control Self-Assessments (RCSA), risk opinions for Key Business Decisions (KBD), and Top Risk Identification in accordance with policies and standards. Confer with first-line management and risk partners to assess technology capabilities, analyzing processes, and risk exposure to drive the implementation of appropriate risk management controls.
  • Review technology and risk management processes; examine documentation and flow to identify ways to improve and streamline risk mitigation processes.
  • Assist in presentations and workshop sessions on Business Resiliency & Workplace Safety risk management activities, process analysis, risk identification, assessment, control, and mitigation
  • Where required by internal policies or external agencies, develop documentation of reports. This also includes developing, contributing to, and monitoring metrics and reporting (e.g., management reporting, internal reporting, etc.).



  • Bachelor degree or equivalent




  • Certified Risk Management Professional, Certified Internal Auditor Certified Information Security Manager, Certified Information Systems Security Professional, Certified Data Management Professional, Certified Business Continuity Auditor



  • 7+ years of related Operational Risk Management or experience in one or more of the following domains: data, cyber security, application development and operations, infrastructure, cloud, resiliency, workplace safety Relevant work within a financial services, capital markets, insurance organization or in an operational risk role within a regulatory organization




  • The successful candidate will have the following demonstrable knowledge/skills within Business Resiliency & Workplace Safety domain: Enterprise Resiliency & Security (Business Resiliency & Workplace Safety) Program Management, Risk Assessment, Continuous Monitoring & Assessment of Preparedness, Business & Technical Recovery, Business Impact Analysis, Recovery Strategy & Sequencing, Recovery Time & Recovery Point Objective Monitoring, Business Continuity Plans (BCP), Tabletop & Scenario Exercises, Third Party Resilience, Crisis Management / Workplace Safety (Governance, Plans, Training, Testing and Maintenance), Cyber Resilience, Technical Contingency Plans (TCP), Cloud Resilience, and Data Center Recovery (Plan & Exercise)


As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation.

Fannie Mae is an Equal Opportunity Employer.

Req ID: 59405