Data Protection Technical Lead (Remote)

At Freddie Mac, you will do important work to build a better housing finance system and you’ll be part of a team helping to make homeownership and rental housing more accessible and affordable across the nation.

Data Protection Technical Lead

Position Overview:

We are seeking a Cyber Security Technical Lead to join the Data Protection team within the Information Security Engineering department of the Information Technology Division. The Technical Lead is responsible for leading Security Engineers, providing leadership, guidance and technical direction for multiple security tools. Read on to learn more about this exciting opportunity!

**This position has an on-call requirement.**

Our Impact:

We reduce information risk by ensuring and enhancing the Confidentiality, Availability, and Integrity of Information systems at Freddie Mac.

Your Impact:

In this role, you will help fulfill the Information Security department’s vision of reducing information risk by ensuring and enhancing the Confidentiality, Availability, and Integrity of Information systems at Freddie Mac. You will lead the development and delivery of our technical solutions related to Data Protection. You will build, develop, and maintain relationships with internal and external customers, and vendors to formulate remediation solutions for issues related with Information Security.

Qualifications:

• 8-10 years of relevant experience in IT Security.

• 3-5+ years of leadership experience required, preferably as a tech lead for multiple security efforts.

• 3-5+ years of experience in administration of security tools.

• Strong collaboration skills required to partner across IT and Lines of Business to lead the delivery of new Data Protection capabilities, as well as to enhance the quality of existing Data Protection services.

• Familiar with industry security regulations and frameworks (MITRE Attack Framework, CIS CSC, SOX Compliance etc.).

• Experience establishing, testing and maintaining SOX controls.

• Strong understanding of Change Management activities and processes.

• A strong understanding of Database Activity Monitoring, Data Encryption, Data Tokenization, Data Masking, Security Configuration Management Database, File Integrity Monitoring, Unauthorized Change Monitoring, SaaS security solutions and cloud client security.

• An understanding of HIPS clients and firewall rules and settings.

• Strong organizational skills with the ability to multitask by working multiple problems, tasks and still seeing tasks through to closure working with all type of Data Protection technologies.

• Must have experience working on physical and virtual appliances with familiarity with secure configurations, as well as Linux, Network and Windows commands.

• Python and PowerShell scripting experience is required.

• Security Certifications preferred.

• Basic understanding and experience supporting ITIL related activities such as Incident and Problem Management.

Keys to Success in this Role:

• Self-starter, self-motivated, problem solver, out of the box thinker.

• Ability to work & collaborate effectively in a team environment.

• Ability to communicate clearly, effectively, persuasively, and credibly with internal management and external entities.

• Motivated to learn new technologies and come up with process improvements and efficiencies.

• Sense of urgency and able to apply risk-based approach to prioritize work.

• Strong emphasis on evaluating and implementing automation to help streamline processes and procedures while remaining compliant with existing controls.

• Ability to adopt change while continuing to deliver on assigned objectives.

• Strong leadership, mentorship, and communication skills.

• Product lifecycle management ensuring no versions reach an end-of-life support and that any version upgrades are thoroughly tested in a lower environment.

• Ability to adapt and implement new products and large-scale upgrades.

• Mentor, guide and oversee members of the team (working with other teams to implement new and existing activities.

• Strong knowledge of network ports, protocols and firewalls.

Security Administration and Operations

• Install, configure and troubleshoot Data Protection software including agent-based software installations on Windows and Unix servers.

• Apply patches and upgrades to clients, administrative tools, and utilities on a regular basis.

• Perform daily monitoring for integrity and availability of appliances, management servers, systems and processes which may also include:

  • Reviewing system and application logs, and verifying services and jobs are running as expected.

  • Establishing and maintaining operational, configuration and other process/procedures to ensure effectiveness of new and existing detective and preventative configuration policies.

  • Where possible, incorporating automated monitoring/alerting.

• Provide management support relating to IT Security Audit, including providing evidence, artifacts and solutions.

• Provide support to the Cyber Security Operations Center and Threat Detection Teams with recommendations and handling of their requests.

• Coordinate with other infrastructure, engineering, and application project/support teams to ensure new policies/assets are deployed.

• Ensure that any issues impacting tools and systems are resolved quickly and effectively without adversely impacting the affected business systems.

• Augment production support team to ensure 24/7 coverage and operations. Responsibilities sometimes require working evenings and weekends, sometimes with little to no advanced notice.

• Ensure system supporting Data Protection services comply with Baseline Security Configurations and address identified vulnerabilities.

• Understand and advocate IT Security standards, reference architectures.

• Demonstrate an understanding of malware, threats, vulnerabilities and the complete affect these could have in the environment.

• Communicate effectively with clients to identify needs and evaluate alternative technical solutions and strategies.

• Develop SOP’s and Runbooks to promote successful operations, ensuring documents are regularly reviewed/certified to be current/accurate.

• Ensure processes reflect our technical obligations of system uptime and performance.

• Presentation of metrics and other attributes to convey accomplishments.

• Effectively provide regular status updates and accomplishments to leadership.

Current Freddie Mac employees please apply through the internal career site.

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others.

We are an equal opportunity employer and value diversity and inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by applicable law. We will ensure that individuals with differing abilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

CA Applicants:  Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full time

FLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $150,000 - $224,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.