Hiring During COVID-19: Fannie Mae is hiring for all open positions as we deliver on our mission of providing stability, liquidity, and affordability to the housing market during this critical time. All interviews and onboarding are conducted virtually. We look forward to connecting with you. Learn more

Cyber Security Manager

Job Description


At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities to modernize the nation's housing finance system while being part of an inclusive team using new, emerging technologies. Here, you will help lead our industry forward, enhance your technical expertise, and make your career.

The Cyber Security Manager will also design and administer procedures to integrate business, technology and security throughout the enterprise to sustain the security of the organization's data and access to its technology and communications systems. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them. Report and track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security.


As a Cyber Security Manager supporting the Business Information Security Officer (BISO) you will be a key leader, instrumental in building out the BISO program elements to include developing standardized, scalable processes for how the BISO team:  

  • Communicate with partners
  • Drive resolution of customer issues within InfoSec (there are currently multiple intake processes that require different pathways depending on team)
  • Support escalations
  • Further build out and maintain customer-facing Confluence site to share key communication elements (roadmaps, impact details, FAQs, etc.). Trying to be a one-stop shop for Portfolios if they are looking for something InfoSec related.
  • Maintain BISO Jira service desk to track BISO projects, customer questions, projects, etc.
  • Maintain/drive BISO huddle board, huddles, working sessions to meet BISO team goals
  • Interface with InfoSec teams to determine work outside of the Program Increment (PI) planningI that needs to be communicated to customers
  • Interface with InfoSec operational teams to determine customer impacts/communications for planned operational work (reserved capacity that’s not broken out in PI)
    • Currently multiple communication paths for this information; just starting to assess.
    • Work with RTEs to iterate the ISLA process; need to get the required details and expanded timelines asked for by the business.

In this role you will have the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:

  • Work with internal customers to develop group wide processes, where it makes sense.
  • Manage the BISO teams Business Security Consultants (BSCs) and provide supervisory, career growth, coaching (BSCs are Cyber Security Specialists) and managerial responsibilities:
    • Plan, manage, document, and evaluate the performance of subordinate staff. Foster their technical and professional growth through assignments, mentoring, and training opportunities. Includes, time cards, expense reports, annual reviews, etc.
    • Provide continuous feedback and mentoring to BSCs and Reporting Analyst
    • Communicate InfoSec PI planning and operational updates
    • Troubleshoot issues as necessary and provide an escalation path
    • Compile reporting and presentations for BISO to present throughout the enterprise


Education Level (Required)

  • Bachelor Degree or Equivalent

Areas of Study (Preferred)

  • Computer Science or IT/IS

Experience (Primary)

  • 6-8 years of related experience

Skills (Primary)
  • Experience in securing a public cloud environments and services (e.g. AWS, GCP, Azure)
  • Experience utilizing Agile methodologies within DevOps environments
  • Experience with data protection techniques and tools such as encryption, tokenization, cloud access security brokers
  • Experience using data science tools and methods such as Python
  • Maintain industry-recognized professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and AWS Certified Solutions Architect
  • Experience in Offensive and/or Defensive Security techniques
  • Experience in a regulated environment
  • Financial services industry experience

The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com. 

Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at careers_mailbox@fanniemae.com.
Successful job applicants will be required to successfully complete a background investigation.

Req ID: 60126