Defense and Response - Threat Detection - Senior Associate

Reston, VA, United States

Full Time Senior-level / Expert

Fannie Mae

Fannie Mae is your source for mortgage financing and reliable housing information.


Company Description

At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities to modernize the nation's housing finance system while being part of an inclusive team using new, emerging technologies. Here, you will help lead our industry forward, enhance your technical expertise, and make your career.

 

 

Job Description

As a valued colleague on our team, you will monitor and evaluate threats to Fannie Mae's cybersecurity. In this role, you will set up checks and warnings to alert management when suspicious activity is detected.

The Insider Risk Program helps protect Fannie Mae's confidential and sensitive information from anyone with authorized access who might attempt to sabotage systems or products, steal company information, or violate security controls. The Insider Risk Analyst will use a variety of techniques and tools to analyze potential indicators and investigate events for potentially harmful activity within Fannie Mae's network and systems.


THE IMPACT YOU WILL MAKE
The Defense and Response - Threat Detection - Senior Associate role will offer you the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:

  • Engage with managers, HR, IR, Privacy & Compliance, and other partners to investigate employee and contractor actions that could pose a threat to Fannie Mae's networks, systems, and/or data.
  • Present information to the team to ensure current understanding of Fannie Mae's information security activities and systems.
  • Create advanced cyber indicators to maintain awareness of systems and alert when abnormal behavior is detected.
  • Evaluate and recommend improvements to existing indicators to detect more advanced threats.
  • Independently monitor cyber threats in real-time.
  • Work with Incident Response to investigate threats and attacks.

Qualifications

THE EXPERIENCE YOU BRING TO THE TEAM

Minimum Required Experiences

  • 2 years


Desired Experiences

  • Bachelor's degree or equivalent
  • Proficiency with SIEM technologies and data manipulation; demonstrated written and oral communication skills, including the ability to effectively communicate findings, outcomes, and necessary actions to a variety of audiences; and the ability to understand and apply technical concepts.
  • Must be comfortable speaking to and questioning suspected individuals, along with their managers/directors and other involved partners, during the course of the investigation.
  • Must be passionate about the team's mission, remain calm under pressure, be able to keep an open mind, set aside personal biases/feelings, and pivot quickly between activities based on changing priorities.
  • Experience with investigations and response including subject/witness interviews.
  • Risk management focus - the ability to make risk-based decisions and recommendations.
  • Ability to learn new systems and high attention to detail.
  • Independent thinker who works well with team members and with stakeholders to ensure program success.
  • Demonstrated ability to identify patterns in data and translate those patterns into indicators.
  • Understanding of insider threats and behaviors.
  • Understanding of basic security concepts. This helps identify potential gaps that an insider could use to steal data or to sabotage/misuse systems.
  • Experience with security technologies such as Splunk and endpoint UEBA tools.


Skills

  • Utilize security technologies and tools, identify and investigate activity in collaboration with managers, HR and IR to determine severity and intent, interview the employee or contractor if necessary, and use defined processes for response and recovery activities when necessary.
  • Work with partner teams (Investigations, Incident Response, Detection, Cyber Incident Management, etc.) and internal customers to gather preliminary investigation data, assess the validity of the threat, determine intent, and determine if further investigation and/or action is needed.
  • Utilize standard investigation techniques to gather and analyze information, and work with appropriate teams to prove or disprove allegations or suspicions with data and facts.
  • Create focused communications for both technical and non-technical customers detailing the outcome of the investigation.
  • Work with highly confidential and sensitive information, and brief internal customers (Information Security, HR, Legal, Privacy, etc.) on relevant findings on a need-to-know basis as determined by the sensitivity and severity of the investigation.
  • Apply logic and organizational knowledge during data analysis to determine risk, threat, and possible impact.
  • Think creatively to assess possible intentions and actions, even when presented with limited or incomplete data, and trust instincts to know when to continue or close an investigation.


Tools

  • Experience with security technologies such as Splunk and Microsoft Purview/Compliance.
  • Experience with endpoint UEBA tools such as DTEX and Splunk UBA.
  • Skilled in the use of Endpoint Detection & Response tools.
  • Skilled in signature development for detection-based tools.
  • Experience with digital forensic tools & techniques.

Additional Information

JOB REFID: REF11542H

The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com.

Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at careers_mailbox@fanniemae.com.
 

Tags: Compliance Finance Incident response Privacy Risk management SIEM Splunk Threat detection

Perks/benefits: Career development Team events

Region: North America
Country: United States
Category: Threat Intel Jobs