Credit Risk Management Manager, Cyber

At Freddie Mac our mission of Making Home Possible is what motivates us and its at the core of everything we do. Since our charter in 1970 we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Freddie Mac is seeking an experienced Manager in Information Security to enhance security maturity by ensuring the quality of design and implementation of Standard Operating Procedures (SOPs) and controls. This role involves establishing compliance processes guiding a team and providing governance for security guardrails in software delivery. The Manager will also work to mature Information Security processes using the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

Our Impact:

The Seller/Servicer information security oversight team within Third-Party Risk Management provides oversight of seller/servicers. Our cyber specialists proactively monitor identify detect and respond to cyber threats through regular vulnerability scans to mitigate information security risk to Freddie Mac.

Your Impact:

The Credit Risk Management Manager will be responsible for administering the Information Security cyber questionnaire that is comprised of the following: Conducting Information Security risk reviews and interviews with seller/servicers for the annual Consolidated Origination and Risk Evaluation (CORE) review that includes analyzing findings from the reviews and providing a risk assessment with supported evidence.

In addition the Credit Risk Management Manager will have a deeper understanding of the NIST standards and be able to analyze the seller/services compliance with the Freddie Mac Guide. Identify and assess potential risks and vulnerabilities to our systems and data by our third parties using approved monitoring tools. Conduct risk assessments analyze threats and assess third party information security processes and procedures identify any associated risks and provide a risk assessment with supporting evidence. The candidate must have a significant understanding of the Third-Party Risk Governance process. The Manager will also perform other duties as assigned in support of evolving organizational needs.

Qualifications:

• 8-10 years experience with 6 - 8 years preferred experience in cybersecurity or cyber risk management particularly in highly regulated industries.

• 2 or more years of demonstrated experience as a people manager.

• Bachelors degree in computer science engineering or a related field or equivalent work experience.

• Experience in discussions with senior leadership to understand strategic goals.

• Strong experience in IT governance risk and controls including frameworks like COBIT FFIEC ISO2700x and NIST.

Keys to Success in this Role:

• Strong organizational and time management skills leading multiple priorities and deadlines.

• Ability to develop maintain and cultivate effective relationships across divisions

• Strong analytical skills

• Flexible and adaptable.

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender race color religion national origin age marital status veteran status sexual orientation gender identity/expression physical and mental disability pregnancy ethnicity genetic information or any other protected categories under applicable federal state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Macs business. This includes employee commitment to our acceptable use policy applying a vigilance-first approach to work supporting regulatory mandates and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more please visit and register with our referral code: MAC.

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.