PAM (Privileged Access Management) Technical Lead

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Are you ready to lead the charge in cybersecurity? We're on the hunt for a dynamic Privileged Access Management Technical Lead to spearhead our cutting-edge security initiatives. If you have a passion for engineering, automation, and operational management of privileged access, credential management technologies, and endpoint security technologies, this is the role for you!

You'll be at the forefront of our cybersecurity efforts, participating in a monthly on-call rotation and providing advanced (level 3) troubleshooting support. Join us and make a real impact in safeguarding our digital landscape!

Our Impact:

We help drive the Information Security department's mission to reduce information risk and strengthen the Confidentiality, Availability, and Integrity of our information systems.

Your Impact:

Technical Leadership and Engineering Management:

• Enhance endpoint security technology administration and monitoring.

• Balance technical and business requirements for privileged access management.

• Align design efforts with zero-trust strategies and architectural standards.

• Mentor team members for engagement and growth.

• Establish best practices for PAM and credential management systems.

Continuous Process Improvement and Automation:

• Adopt an automation-first mindset.

• Identify and delegate tasks for efficiency gains and automation.

• Track project milestones and communicate with leadership using Jira.

Engineering-Driven Compliance & Best Practices:

• Ensure solutions comply with regulatory requirements like NIST.

• Design scalable solutions for highly regulated environments.

• Assist with audits and ensure compliance with security standards.

• Develop proactive solutions to mitigate risks and protect against threats.

Collaboration and Stakeholder Engagement:

• Embed security into solutions without compromising user experience.

• Evaluate, select, and implement new security technologies with senior leadership.

Qualifications:

• 8+ years of IT experience, specializing in privileged access and credential management in large enterprises.

• Bachelor's degree in IT, engineering, computer science, or equivalent experience.

• 4+ years of hands-on experience with PAM, credential management, and privileged access.

• Expertise in Just-In-Time entitlements and zero-standing privileges.

• Knowledge of malware protection and endpoint technologies.

• Experience with identity lifecycle management tools.

• Familiarity with SEIM configuration and management.

• Proficient with Windows, Linux, databases, and mainframes.

• Experience with PAM in hybrid/multi-cloud environments (AWS, GCP, Azure).

• Knowledge of AWS security and CloudFormation Templates.

• Experience with firewalls, VPNs, and network segmentation.

• Familiarity with automation platforms like Ansible and Terraform.

• Strong troubleshooting skills for Windows and networking.

• Ability to prioritize work independently and provide clear updates.

• Excellent problem-solving skills and ability to meet tight deadlines.

• Experience supporting encryption and security appliances.

Keys to Success in this Role:

• Excellent collaborator and partner.

• Innovative and comfortable with change.

• Quickly grasp new technologies.

• Proactive with a focus on security and customer satisfaction.

• Enjoy tackling challenges with creative solutions.

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Mac's business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full time

FLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $150,000 - $224,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.