Information Security Senior - Applied Cryptography

Freddie Mac
Reston, VA
Sep 12, 2019
Oct 10, 2019
Full Time
The Information Security Senior will be part of the Applied Cryptography team within the Platform Security Technology department within the Enterprise Technology Services Unit of the Information Technology Division. This position is responsible for providing administration of the credential and secrets management systems and services for the Freddie Mac infrastructure and applications across multi-site enterprise cloud and data center environments.

Your Work Falls into Three Primary Categories:

Support of Design, Build and Operations
  • Perform the planning, design, implementation and Level 3 support of IT Security solutions related to privileged access and secrets management.
  • Provide enterprise support to internal teams for use, configuration, and troubleshooting of privileged access and secrets management vault and data, including HSMs and KMS.
  • Support the security risk assessment of applications and infrastructure; including remediation of incident response, vulnerability analysis and threat intelligence.
  • Provide technical guidance, develop design documents, perform product installation, upgrades and certification, implementation plan, deployment and troubleshooting support.
  • Diagnose, solve and provide root cause analysis for secrets management and data encryption related issues.
  • Ensure consistent delivery of superior technical solutions.

Change Agent
  • Champion technology and tools change that improves delivery processes.
  • Act as an agent for change to reflect the latest secrets management and data encryption and Cryptography standards in new technologies and tools.
  • Serve as an enterprise subject matter expert (SME) and advocate of IT Security standards and reference architectures related to privileged access and secrets management.
  • Coordinate with Information Security team to ensure solution assurance and compliance to security policy, procedures, standards and baseline security configurations.

Technical Leadership
  • Work closely with technology and business stakeholders to implement privileged access management and shared secrets goals, determine security requirements, design and implement solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
  • Execute enterprise-wide privileged access and secrets management governance processes in collaboration with Information Security and Enterprise Architecture to adequately plan, communicate and deploy enterprise configurations as new privileged standards are adopted.
  • Communicate effectively with clients to identify needs and evaluate alternative technical solutions and strategies.
  • Protect and secure company resources in the cloud, virtual and physical infrastructures.
  • Stay current with developing technologies, emerging threat landscape and predict impact of changing technologies.


  • Bachelor's degree in information technology, engineering, computer science, related field or equivalent experience.
  • 3+ years of professional IT experience with implementation and administration of any password management or, including but not limited to CyberArk and/or Hashicorp Vault.
  • Knowledge of privileged access best practices.
  • Experience with System Administration basics with Linux (CentOS, RedHat) and/or Microsoft Windows Server (and associated technologies such as Active Directory and Exchange). Experience operating and maintaining production systems in Linux and public cloud environments.
  • Experience with basic Networking and troubleshooting (TCP/IP, DNS, routing, switching, firewalls, LAN/WAN, traceroute, iperf, dig, cURL or related).
  • Knowledge of CyberArk, threat analytics, and distributed vault architectures.
  • Ability manage all aspects relating to data encryption solutions including polices, keys, backup, log monitoring for unauthorized access, etc.

Key to Success in this Role
  • Team player
  • Innovative in providing solutions, likes to take on challenges with calculated risk
  • Strong written and oral communications skills
  • Proactive in nature with customer satisfaction as primary goal
  • Quick learner of new technologies and tools

Top 3 Personal Competencies to Possess
  • Customer Focus - Support operational internal business partners to learn and deliver on their needs.
  • Partnership - Align with IT partners, Support and Project Management Organization (PMO) teams to support business needs and initiatives.
  • Drive for Execution - Focus on results that meet business and corporate needs. Focus on network and security infrastructure stability. Focus on network and security infrastructure monitoring, issue resolution and closure processes.

Preferred Skills

Preferred Skills
  • Experience with scripting tools to automate routine tasks using scripting languages including but not limited to Python, Perl, JavaScript, shell scripting
  • Exposure to varied operating systems - UNIX, Linux, Windows
  • Experience supporting cloud-based solutions
  • General understanding of key IT components - LDAP, Networking, firewall, load balancing, Federated Identity.
  • Experience in the financial services industry and Freddie Mac's role in the industry.
  • CyberArk certifications

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.

Similar jobs