Cybersecurity Risk Professional (Hybrid or Remote Work)
McLean, VA
Full-time
Hybrid
$85K/yr - $127K/yr
Entry, Mid Level
Freddie Mac is a public government-sponsored enterprise that provides mortgage capital to lenders. They are seeking a Cybersecurity Risk Professional to support the development, validation, and monitoring of cybersecurity capabilities within their Enterprise Risk Management team. The role involves providing oversight and advisory services for Information Security programs and enhancing risk management practices across the organization.
As a subject matter expert of the Cybersecurity risk domain, provide oversight and challenge function for the Information Security programs of the IT division and other lines of business
Review the Information Security operations, solutions and architecture to identify risks, evaluate the effectiveness and completeness of the cybersecurity capabilities, and report findings and opportunities for enhancement
Enhance and mature Risk Management practices by supporting the development of enterprise-wide cybersecurity policies and standards
Provide oversight and advisory services to 1st line partners regarding the application of standard requirements across a wide variety of technologies to manage risk
Support the development and execution of controls to monitor cybersecurity compliance and drive organizational change
Develop effective and measurable metrics (KRI, KPI and KCI) to analyze data and proactively identify trends or new/emerging risks
Execute risk analytics and reporting
Provide advisory consultation to lines of business and make course of action recommendations to manage risk
Effectively challenge our 1st line of defense technology teams while collaborating with the 3rd line (Internal Audit) and internal 2nd line partners
Collaborate with key risk areas, business partners, and IT counterparts to design action plans to address Cybersecurity and IAM risk
Autonomously lead program execution with documented project plans, expectations and schedule
Provide status reports, escalation and impediment resolution when needed
Support the Director and managers in leading and managing the team
Qualifications
Required
Bachelor’s Degree and minimum of 2-5 years related experience working in and/or auditing IT security areas such as penetration testing, operations, threat intelligence, monitoring, vulnerability management, identity access management, Keys and Certificate Management or security engineering in large enterprises
Demonstrate proficiencies in above stated cybersecurity domains
Working knowledge of industry security standards and guidance such as NIST or ISO
Capable of working independently and with a collaborative team
Deliver effective verbal, written and interpersonal communication skills with strong attention to detail
Think broadly and analytically, developing solutions in an ambiguous and fast-paced environment
Ability to understand and work with a diverse group of partners within all lines of defense
Demonstrable experience with IT, privacy data and management practices/processes
Self-motivated, proactive and results-oriented problem solver; able to prioritize without heavy supervision
Preferred
Formal Big 4 Cybersecurity Risk Consulting, Audit or Assurance experience
Some industry leading Certifications preferred: CISSP, CISA, CRISC, CISM, CEH, and/or CIPT
Prior experience in Cybersecurity Operational Risk Management, supporting CISO in deployment and sustainment of cybersecurity capabilities, and previous Big Four experience
Knowledge of and experience with cloud migration, AI, security and access management
Benefits
Competitive compensation
Market-leading benefit programs
Annual incentive program
Freddie Mac is a public government-sponsored enterprise that provides mortgage capital to lenders.
Glassdoor
3.5
Founded in 1970
McLean, Virginia, USA
5001-10000 employees
http://www.freddiemac.com