This job has expired and you can't apply for it anymore. Start a new search.
Fannie Mae logo
Company Name:
Fannie Mae
Approximate Salary:
Not Specified
Reston, Virginia
United States
Position type:
Experience level:
Education level:

Cyber Security Specialist III


Are you interested in helping solve today's most critical housing challenges? In simplest terms, Fannie Mae serves the people who house America. We work at the heart of housing by providing reliable, affordable mortgage financing in all markets at all times, buying loans that banks and other lenders originate, so they can fund new loans. This gives more people the opportunity to buy, refinance, or rent homes and apartments. Creating these opportunities is what drives the people who work at Fannie Mae.

For more information about Fannie Mae, visit http\\:///progress

The Cyber Security Specialist III is responsible for leveraging expert level knowledge of the business, complex processes, and regulations in support of the effective implementation of the organization's governance, risk, and compliance programs. May recommend or implement procedures or business processes that are compliant with legal and regulatory directives and corporate mandates.


  • Utilizes broad expertise and specialized knowledge to lead and execute project management assignments related to policy and procedure development, compliance testing, process analyses, gap identification, and remediation
  • Develops and manages the implementation of operational and governance requirement for key control activities to ensure compliance with regulatory, legal, corporate, and business unit policies and procedures
  • Develops procedures and business processes that meet corporate standards and instruct business personnel in their use
  • Track compliance, evaluate results, and present best practice solutions to any issues that are identified
  • Evaluates new policies and procedures for operational and control impacts and governance, risk and compliance standards
  • May develop risk and operational reporting
  • Conducts risk and operational reviews and prepares analyses for complex projects often requiring an understanding of financial and market metrics. May present findings to Senior Management
  • Lead ad hoc projects and develop and implement corporate wide or business unit governance, risk, or compliance programs and initiatives


  • Bachelor's Degree or equivalent required


  • 4+ years of related experience

  • Strong experience with programming languages (Python and Java preferred) & situational awareness in regards to emerging threats, threat actors and exploitation techniques.


  • Understanding of third party relationships and how they are managed throughout their lifecycle, including the due diligence and periodic review phases.
  • Ability to document and explain risks and vulnerabilities to both business and technical stakeholders.
  • Excellent interpersonal skills, presentation skills, and verbal / written communication skills.
  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
  • Ability to manage multiple priorities projects, deliverables, and stakeholders.
  • Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
  • Familiarity with third party contract review process
  • Strong analytical and problem-solving skills, multitasking in a fast-paced environment
  • Understanding of web application assessments, network penetration testing, and vulnerability research.
  • Industry Certification preferred, e.g. CISSP, CISA, CISM, CRISC or equivalent designation.
  • Familiarity with MetricStream and other GRC tools (e.g., BitSight, RiskLens).
  • Intermediate understanding of information security policies, standards, industry best practices, and frameworks (ISO 27K, NIST 800-53, FISMA, BITS etc.)
  • Familiarity with regulatory compliance agencies (e.g., Office of the Comptroller of the Currency) and a general understanding of laws and regulations (e.g., PCI, HIPPA).
  • Familiarity with Risk Management Frameworks (e.g., ISO, NIST).


As a condition of employment with Fannie Mae, any successful job applicant will be required to pass a pre-employment drug screen and to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.

Fannie Mae is an Equal Opportunity Employer.

Associated topics: coast guard, confidential, fullscope polygraph, electronics intelligence, foreign instrumentation signals intelligence, petty officer, sco, sensor, subject matter expert, ts sci clearance required

More Jobs Like This