Cybersecurity Risk Senior Analyst

About The Position

Requirements

• Bachelor’s Degree or equivalent experience
• 5+ years of relevant experience
• Some industry leading Certifications preferred: CISSP, CISA, CRISC, CISM, CEH, and/or CIPT
• Prior experience in IT Operational Risk Management methodologies and principles, previous big four experience preferred
• Minimum of 5 years+ working in and/or auditing IT security areas such as penetration testing, operations, threat intelligence, monitoring, vulnerability management or security engineering in large enterprises.
• Knowledge of cloud migration, security and access management experience preferred
• Demonstrates proficiencies and comfortable working in the previously stated cybersecurity domains.
• Working knowledge of industry security standards and guidance such as NIST or ISO
• Capable of working independently and within a collaborative team environment
• Must demonstrate the ability to deliver effective verbal, written and interpersonal communication skills.

Nice To Haves

• Ability to think broadly but also be detail-oriented
• Ability to understand and work with a diverse group of stakeholders within all lines of defense
• Direct experience with IT, privacy data and management practices/processes
• Self-motivated, pro-active and results driven problem solver with the capability to managing multiple priorities without heavy supervision
• Ability to think analytically to develop solutions in an ambiguous and fast paced environment

Responsibilities

• Enhance and mature Risk Management practices by supporting the development of enterprise-wide cybersecurity policies and standards
• Provide oversight and advisory services to 1st line partners regarding the application of standard requirements across a wide variety of technologies to manage risk.
• Support the development and execution of controls to monitor cybersecurity compliance and drive organizational change
• Develop effective and measurable metrics (KRI, KPI and KCI) to analyze data and proactively identify trends or new/emerging risks
• Execute risk analytics and reporting
• Provide advisory consultation to lines of businesses and make course of action recommendations to manage risk
• Effectively challenge our 1st line of defense technology teams while collaborating with the 3rd line of defense and internal 2nd line partners.
• Collaborate with key risk areas, business partners, and IT counterparts to design action plans to address Cybersecurity and IAM risk
• Autonomously lead program execution with documented project plans, expectations and schedule
• Provide status reports, escalation and impediment resolution when needed
• Support the Director in leading and managing the team

Benefits

• Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.
• This position has an annualized market-based salary range of $111,000 - $167,000 and is eligible to participate in the annual incentive program.