At Freddie Mac, our mission of Making Home Possible is what motivates us, and it’s at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Are you someone with a passion for Information Security and strong background in finding vulnerabilities by ensuring that systems comply with security benchmarks and Information Security policies? We are seeking a Senior level candidate to join the Freddie Mac’s Vuln Scanning team who likes to assess deviations from best practices and compliance standards in target system configurations.

Our Impact:

The Freddie Vulnerability and Compliance Scanning team is responsible for continuous monitoring for vulnerabilities and misconfigurations across multiple environments, and technologies. These include both on-prem and cloud infrastructure.

Your Impact:

Provide subject matter expertise in Vulnerability and Compliance Scanning for on-prem and cloud Infrastructure, as well as enhanced vulnerability analysis and contextual feedback to support the resolution of discovered vulnerabilities and facilitate risk awareness. In this role, the candidate will deploy and administer various compliance scanning solutions or automations to ensure the completeness and maintain scan coverage.

Your Work Falls into Three Primary Categories:

Baseline Security Configurations

Develop custom audit scripts for automated monitoring of approved Baseline Security Configurations (BSC) for servers, workstations, network devices, databases, applications and cloud.

Work with platform SMEs to ensure accuracy and completeness for the BSC scans

Collaborate with Information Security architecture, stakeholder and platform teams to optimize compliance implementations and ensure completeness and accuracy of scan activities

Design monitoring solutions for new and existing technologies to determine compliancy with published standards.

Tune scan policies & configuration for accuracy and performance efficiency.

Vulnerability Discovery

Scanning of infrastructure and network devices, operating systems, databases, applications and wireless to detect vulnerabilities and misconfigurations

Create Nessus custom scans and scan policies, tune settings for optimal performance and troubleshoot scan issues

Provide enhanced vulnerability analysis and contextual feedback to stakeholders for discovered vulnerabilities or misconfigurations.

Investigate false positive findings

Report metrics for scan coverage and discovered misconfigurations or misconfigurations

Deploy, maintain, and tune Nessus scanners to meet current and future needs

Troubleshoot issues with the scans, credentials, agents, policies

Help Develop Team Capabilities

Generate innovative ideas and challenge the status quo

Develop scripts, automations, tools, or methodologies to enhance the team’s processes and capabilities, and reduce toil

Create/update runbook and SOP documentations

Participate in and actively support mentoring with other members of the team, and mentoring less experienced staff

Qualifications:

Minimum of 5-7 years hands-on experience, working with security tools and performing vulnerability, and security configuration management

Must have expert knowledge of Linux and Windows operating systems, and cloud technologies

Must have advanced knowledge in networking and databases

Must have solid understanding of deploying and maintaining scanning infrastructure

Must be proficient with scripting languages – Python, Bash, PowerShell

Experience leading projects and initiatives

Certifications: Security+ / CISSP, AWS/GCP/Azure

Keys to Success in this Role:

Analytical thinking and problem-solving skills

Strong communication and documentation skills

Ability to work independently, as well as on a team of individuals with variety of skills and backgrounds

Innovative in providing solutions likes new challenges

Detail oriented

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Mac’s business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants:  Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full time

FLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $112,000 - $168,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.