Seller/Servicer Information Security Risk Oversight Manager

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Freddie Mac is seeking an experienced Manager in Information Security to enhance security maturity by ensuring the quality of design and implementation of Standard Operating Procedures (SOPs) and controls. This role involves establishing compliance processes, guiding a team, and providing governance for security guardrails in software delivery. The Manager will also work to mature Information Security processes using the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

Our Impact:

The Seller/Servicer information security oversight team within Third-Party Risk Management provides oversight of seller/servicers. Our cyber specialists proactively monitor, identify, detect, and respond to cyber threats through regular vulnerability scans to mitigate information security risk to Freddie Mac.

Your Impact:

The Seller/Servicer Information Security Risk Oversight Manager will be responsible for administering the Information Security cyber questionnaire that is comprised of the following: Conducting Information Security risk reviews and interviews with seller/servicers for the annual Consolidated Origination and Risk Evaluation (CORE) review that includes analyzing findings from the reviews and providing a risk assessment, with supported evidence.

In addition, the Seller/Servicer Information Security Risk Oversight Manager will have a deeper understanding of the NIST standards and be able to analyze the seller/services compliance with the Freddie Mac Guide. Identify and assess potential risks and vulnerabilities to our systems and data by our third parties using approved monitoring tools. Conduct risk assessments, analyze threats and assess third party information security processes and procedures, identify any associated risks, and provide a risk assessment with supporting evidence. The candidate must have a significant understanding of the Third-Party Risk Governance process. The Manager will also perform other duties as assigned in support of evolving organizational needs.

Qualifications:

• 8-10 years experience with 6 - 8 years preferred experience in cybersecurity or cyber risk management, particularly in highly regulated industries.
• 2 or more years of demonstrated experience as a people manager.
• Bachelor's degree in computer science, engineering, or a related field, or equivalent work experience.
• Experience in discussions with senior leadership to understand strategic goals.
• Strong experience in IT governance, risk, and controls, including frameworks like COBIT, FFIEC, ISO2700x, and NIST.

Keys to Success in this Role:

• Strong organizational and time management skills, leading multiple priorities and deadlines.
• Ability to develop, maintain, and cultivate effective relationships across divisions
• Strong analytical skills
• Flexible and adaptable.

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Mac's business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full time

FLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $142,000 - $214,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.