Cyber Security Senior - Vulnerability and Compliance

Freddie Mac
Reston, VA
Oct 17, 2018
Oct 17, 2018
Full Time
This Information Security (IS) Senior role will be part of the Security Assurance Testing group in the Information Technology Division. Information Security engages with multiple risk, compliance, and technology owners. This position will provide subject matter expertise in scanning of infrastructure and network devices, operating systems, databases, and wireless to detect vulnerabilities and misconfigurations.

Your work falls into three primary categories:
Vulnerability Management
* Scanning of infrastructure and network devices, operating systems, databases, and wireless to detect vulnerabilities and misconfigurations.
* Ability to validate vulnerabilities and misconfigurations either thru interactive log-ins, or via scripts.
* Provides enhanced vulnerability analysis and contextual feedback to stakeholders for resolution of discovered vulnerabilities or misconfigurations.
* Report on vulnerabilities or misconfigurations discovered, and producing final metrics and briefings when required.

Security Configuration Management
* Assist in the development of security configuration requirements for assets.
* Provide detailed advisory support on device security configuration, vulnerabilities and the associated risk, and provide viable options to close or mitigate.
* Design monitoring solutions for new and existing technologies to determine compliancy with published standards.

Team Leadership
* Develop and maintain standard operating procedures, rules of engagement and status reporting of each assessment and task.
* Responsible for communicating with the stakeholders at every stage of the project, scanning, and testing activities.
* Contribute to the development and overall strategy of the Freddie Mac Security Assurance program.


* Typically has 5 plus years of related experience.
* 5 years of hands-on experience working with vulnerability and compliance scanning.
* Bachelor's Degree in Information Systems or related field or equivalent work experience.
* CISSP, CISA, CISM, CCNA, GSEC or equivalent designation.
* Hands on experience with enterprise level vulnerability scanning tools.
* Proficiency in Microsoft Office Products (Word, Excel, Access, PowerPoint)

Key to success in this role:
* Works under minimal supervision. Able to provide technical guidance to the team.
* Able to multi-task, work as part of a team, share workloads, and deal with sudden shifts in project priorities.
* Strong written and oral communications skills.
* Proactive in nature with customer satisfaction as primary goal.
* Innovative in providing solutions, likes to take on challenges with calculated risk.
* Quick learner of new technologies and tools.

Top Three Personal Competencies to possess:
* Customer Focus - Support operational internal business partners to learn and deliver on their needs.
* Partnership - Align with IT partners teams to support business needs and initiatives.
* Drive for Execution - Focus on results that meet business and corporate needs. Focus on delivering results with accuracy and completeness. Focus on improving Freddie Mac's security posture and minimizing business risk.

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.

Similar jobs