IT Risk Director

Freddie Mac
McLean, Virginia
Apr 07, 2021
Apr 11, 2021
Full Time
At Freddie Mac, you will do important work to build a better housing finance system and you'll be part of a team helping to make homeownership and rental housing more accessible and affordable across the nation.

Position Overview:

Information Technology Operational Risk Management (ITRM) is responsible for providing oversight of operational risks associated with all operating activities of Freddie Mac's Information Technology division. The primary responsibilities of ITRM include providing risk management, risk advisory, regulatory liaison, and policy/standards governance for the Information Technology division. This could include managing the review and publication of divisional policies and standards, defining and implementing risk management frameworks, monitoring and reporting risks and risk response, performing risk reviews and evaluations, and driving continuous improvement of risk management capabilities across IT. ITRM is led by the Vice President, IT Operational Risk & Governance.

We are looking for an external auditor, internal auditor, or information security or IT audit professional who will join a 1st line organization, helping IT management adopt risk responses to align internal controls to an acceptable level of risk appetite/posture and respond in a timely manner to remedial actions recommended by the 2nd (ERM) and 3rd (IA) lines of defense.

**This position can be performed currently from a remote location in the U.S. but will require presence in a Freddie Mac office in the future.**

Our Impact:
  • Partner with IT management to ensure they understand remedial requirements
  • Work with IA and ERM to translate audit findings and promote a well-outlined strategy and plan(s) for action to be taken by IT stakeholders in line with Enterprise Risk Management frameworks
  • Serve as a representative of 1st line management for various discussions with other lines of defense

Your Impact:
  • You will conduct risk assessments on remedial actions taken and assess residual risk as you aggregate risk-based packages and remediation portfolios for ERM and IA verification
  • You will present divisions with their risk portfolio and, using a technical and business-based view, recommend prioritized actions and provide risk management expertise

  • Bachelor's Degree in Management Information Systems, Computer Science or business/science degree
  • 10-12 years of experience working with SOX, practical experience in internal/external audits, risk management - methods and techniques for the assessment and management of risk
  • Ability to operate as a self-motivated, proactive, and results-driven problem solver with excellent analytical and interpersonal skills
  • Ability to understand IT processes, management objectives, risk appetite and tolerances and impact of changes to risk profiles
  • Experience in IT governance, risk and controls, including governance frameworks
  • CISA and/or CISSP required; CIA certification preferred. AWS certifications a big plus
  • Strong verbal and written abilities for effective and concise communication
  • Strong understanding of IT Audit best practices; former Big 4 IT auditor experience preferred
  • Knowledge of frameworks (e.g. NIST 800-53, CSA CSM, COBIT, ITIL, ISO 2700X, etc.)
  • Knowledge of COSO ERM, COSO model for internal control and control theory

Keys to Success in this Role:
  • Former "Heavy" senior or manager, capable of handling multiple engagements and customers through demonstrated IT GC or Info Sec expertise
  • Variety of clients served, experience with benchmarking - able to articulate best practices seen at previous engagements or companies

Current Freddie Mac employees please apply through the internal career site.

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others.

We are an equal opportunity employer and value diversity and inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by applicable law. We will ensure that individuals with differing abilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit and register with our referral code: MAC.

Time-type: Full time

Job Category: Risk

FLSA Status: Exempt
