This job has expired, please see additional jobs below
Security Analyst
Fannie Mae
Reston, VA, United States
Job Details - this job has expired, please see similar jobs below
Description
THE COMPANY
Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.
Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.
For more information about Fannie Mae, visit http://www.fanniemae.com/progress
JOB INFORMATION
Under limited supervision, work with various Information Security, Fannie Mae business, IT, and shared services teams to identify, manage and reduce cybersecurity risks in the environment and improve Fannie Mae’s overall risk posture. Participate in focused initiatives to resolve issues identified by Information Security vulnerability scans, penetration tests, self-identified weaknesses, or those identified by our risk partners. Source, analyze and present Information Technology (IT) data needed to support such InfoSec initiatives.Track security violations and/or non-compliances and identify trends or exposures that could be addressed by timely resolution of cyber “tech debt”, via additional training, or the use of application tools to enhance security.
KEY JOB FUNCTIONS
• Work closely with cross-functional teams both within- and outside of InfoSec to source, analyze, and present security-related IT data in support of InfoSec cyber risk reduction initiatives
• Work with project teams to assess cyber risks and prioritize project activities to maximize risk reduction
• Conduct outreach to application development teams to track and resolve cyber tech debt
• Participate in internal reviews by auditors, operational risk assessment staff, or compliance/reporting staff to prepare assessments or reports of operational risks associated with IT/IS infrastructure, access to systems, exposure to attacks, etc.
• Field cyber-related information requests from risk partners such as Internal Audit and FHFA
Qualifications
EDUCATION
• Bachelor's Degree or equivalent required
MINIMUM EXPERIENCE
• 2+ years of related experience
SPECIALIZED KNOWLEDGE & SKILLS
• Data analysis and visual presentation experience required, preferably with tools such as Tableau and Excel
• Strong interpersonal and communication skills for developing relationships with individuals and teams across the enterprise (including senior management)
• General familiarity with information security-related controls, and ability to use that knowledge to assess cyber risks IT Security certifications desired: Security+, CEH, CISSP, CCSP, AWS
• Exposure and familiarity with cyber risk frameworks is a plus
• Experience with secure coding practices
• Ability to identify security requirements for applications and services and to effectively discuss requirements with internal teams and business owners
• Can explain the risks associated with common application vulnerabilities and recommend mitigation options
• Exposure to application development with a stack such as java/database (minimum), or
• Solid Developers with 3+ years of experience with development stack like java, database who are interested in learning application security are welcome to apply
• Familiarity with emerging applications security exploits and willingness to research them
• Familiarity with key security concepts and frameworks such as OWASP, CVE, and CVSS.
• Understanding of application architecture and supporting components
EMPLOYMENT
As a condition of employment with Fannie Mae, any successful job applicant will be required to pass a pre-employment drug screen and to successfully complete a background investigation.
Fannie Mae is an Equal Opportunity Employer.