Hiring During COVID-19: Fannie Mae is hiring for all open positions as we deliver on our mission of providing stability, liquidity, and affordability to the housing market during this critical time. All interviews and onboarding are conducted virtually. We look forward to connecting with you. Learn more

Cyber Security Specialist IV

Job Description

THE COMPANY

Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.

Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.

JOB INFORMATION

This position will serve as a Business Security Consultant in the Business Information Security Office (BISO) team. Works alongside the BISO and Portfolio Business/Technical partners to support Fannie Mae’s information security posture. Responsible for identifying, measuring and monitoring assigned business units' complex processes and procedures. Recommend or implement security controls, procedures or business processes that are compliant with legal and regulatory directives and corporate mandates. May conduct operational/process reviews and analyses, and report findings to corporate management. May recommend changes to technical roadmaps, business processes or policies. 


KEY JOB FUNCTIONS
  • Establishes system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands.
  • Coordinates with senior representatives within the customer organizations to address program goals, milestones, resources, and risks.
  • Performs security governance through the design and implementation of security policies, procedures, guidelines and standards to maintain the confidentiality, integrity and availability of information systems and data.
  • Serve as lead technical information security coordinator/project lead and as a contributor to cross functional teams for deployment and support of security specific standards to provide information security standards to the enterprise.
  • Test and report on new technologies and reporting security concerns through the creation of security vulnerability assessments.
  • Develops analytic approaches and recommendations to problems and situations for which data are incomplete, controversial, or which no precedence exists.
  • Apply an advanced understanding of intelligence analytic concepts to monitor, assess, and report on cyberspace operations, capabilities, and vulnerabilities.
  • Provide appropriate training to other security specialists and external customers on developed standards, procedures and guidelines.
  • Apply an advanced understanding of intelligence analytic concepts to monitor, assess, and report on cyberspace operations, capabilities, and vulnerabilities.
  • Provide appropriate training to other security specialists and external customers

EDUCATION
Education Level Required (if any)

  • Bachelor Degree or Equivalent
Area of Study Required (if any)
  • Computer Science or IT/IS


MINIMUM EXPERIENCE

  • 6-8 years experience in the Information Security field, with a strong background in application and/or infrastructure (cloud, platform, networking) development and support.


SPECIALIZED KNOWLEDGE & SKILLS

  • Ability to understand and translate complex technical topics for communication between technical and non-technical business partners at all levels of the organization.
  • Demonstrated cyber security risk management and/or IT audit experience and strong knowledge of related best practices/ frameworks (e.g., NIST CSF, COBIT 5, ISO) is desired. Big 4 and SOX experience a plus.
  • Strong working knowledge of cyber security controls and risks related to system access management.
  • Ability to interpret and clearly convey risks and control requirement to controls owners and advise stakeholders on control design and risk remediation strategies.
  • Experience performing cyber security control assessments, identifying control gaps, and assisting management with conducting root cause analysis.
  • Experience with AWS cloud strongly desired
  • Background in application development and/or infrastructure support strongly desired.
  • Strong presentation skills and demonstrated ability to produce clear, concise and high quality written deliverables.
  • Proven success in relationship building with management, business partners and technical subject matter experts.
  • Strong organizational and prioritization skills to deliver on-time in a fast-paced and dynamic environment.


EMPLOYMENT

As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation.
Fannie Mae is an Equal Opportunity Employer.



Req ID: 59511