Security Engineer II
THE COMPANYAre you interested in helping solve today's most critical housing challenges? In simplest terms, Fannie Mae serves the people who house America. We work at the heart of housing by providing reliable, affordable mortgage financing in all markets at all times, buying loans that banks and other lenders originate, so they can fund new loans. This gives more people the opportunity to buy, refinance, or rent homes and apartments. Creating these opportunities is what drives the people who work at Fannie Mae.For more information about Fannie Mae, visit INFORMATIONDesign and implement systems and procedures to sustain the security, integrity, and availability of the organization?s data. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization?s systems and the data contained in them. Track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security. May participate in simulated attacks or security violations to assess the organization?s data security measures. KEY JOB FUNCTIONSConduct platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor Security Operations pager and respond to issues of potential viral activity, spam, phishing, etc. Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls. Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures. Confer and collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported. May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident. Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports. Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. May provide guidance to infrastructure or application staff participating in exercise. Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.EDUCATIONBachelor's Degree or equivalent requiredMINIMUM EXPERIENCE4 years of related experienceSPECIALIZED KNOWLEDGE & SKILLS A' . Proven working experience in building and maintaining security systemsA' . Detailed technical knowledge of database and operating system securityA' . Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.A' . Experience with network technologies and with system, security, and network monitoring toolsA' . Strong understanding of packet flow through switches, routers, firewalls, load-balancers and proxiesA' . Experience with common network security practices as they relate to SOX and other compliance requirementsA' . Active Directory Services with a focus on integration with other authentication servicesA' . Thorough understanding of the latest security principles, techniques, and protocolsA' . Familiarity with web related technologies (Web applications, Web Services, Service EMPLOYMENT As a condition of employment with Fannie Mae, any successful job applicant will be required to pass a pre-employment drug screen and to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business. Fannie Mae is an Equal Opportunity Employer.