Freddie Mac is dedicated to making home possible for families across the country. The IT Risk Management Associate will drive risk assessments, assist in issue closure, and provide risk advisory support within the EO&T division, focusing on improving the divisional risk profile.
Partner with key business and risk management subject matter experts (SMEs) to understand and manage risks and controls associated with Technical and Operational processes, serving as a liaison for 1LOD.
Ensure an accurate and acceptable organizational risk posture: perform assessments on divisional and business process risk and controls, advise on effective risk reduction, and drive issues to closure.
Perform assessments of assigned business process(es) to ensure associated risks are adequately identified, measured, and mitigated via controls and / or capabilities to acceptable levels.
Ensure completeness and accuracy of process, risk, control, and issue data within the GRC tool for assigned business process(es).
Assess the quality, completeness, accuracy, and sustainability of issue remediation and supporting evidence.
Participate in and contribute to stakeholder and audit meetings (e.g., scheduling meetings, managing requests).
Assist the team in identifying and driving process improvements for enhanced team efficiency and effectiveness, including enhanced process documentation, ensuring processes take a risk-based approach, and identifying / enhancing automation solutions where possible
Qualification
Required
Bachelor's Degree in an Information Technology, Information Security, Data Analysis, or Operational Risk Management related field or equivalent, and/or 1+ years of overall relevant experience
Experience performing risk assessments and / or issue remediation management
Experience with or knowledge of basic Enterprise / Operational Risk Management industry best practices (e.g., inherent / residual risk, risk mitigation concepts), inclusive of Risk and Controls Self-Assessments (RCSA), is highly desired
Knowledge of industry Information Security and/or Technology control frameworks to include COBIT, NIST, ISO, or ITIL
Demonstrate efficient and effective verbal and written communication and interpersonal skills (e.g., “summarize findings and recommendations to key stakeholders”)
Demonstrate intellectual curiosity and professionally challenge assumptions and the status quo (e.g., "trust but verify")
Ability to resolve standard or routine questions or assignments
Ability to escalate issues / ask for assistance on tasks that are complicated or complex
Ability to quickly learn and apply core risk management principles
Demonstrated ability for self-motivation and passion for process improvement
Excel in a team environment as well as individually
Work creatively and analytically in a problem-solving environment
Commitment to grow and sustain technical knowledge through proactive, ongoing research and review of industry publications
Stay abreast of current industry relevant standards to find opportunities to improve Enterprise, Operational and IT Risk Management practices
Contribute to team growth by leading team trainings and knowledge shares as appropriate
Preferred
Experience working at an organization within the Financial Industry