Defense and Response - Threat Detection - Senior Associate
Reston, VA, United States
Applications have closed
Fannie Mae
We facilitate equitable and sustainable access to homeownership and quality, affordable rental housing across America.
Company Description
At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities to modernize the nation's housing finance system while being part of an inclusive team using new, emerging technologies. Here, you will help lead our industry forward, enhance your technical expertise, and make your career.
Job Description
As a valued colleague on our team, you will monitor and evaluate threats to Fannie Mae's cybersecurity. In this role, you will set up checks and warnings to alert management when suspicious activity is detected.
The Insider Risk Program helps protect Fannie Mae's confidential and sensitive information from anyone with authorized access who might attempt to sabotage systems or products, steal company information, or violate security controls. The Insider Risk Analyst will use a variety of techniques and tools to analyze potential indicators and investigate events for potentially harmful activity within Fannie Mae's network and systems.
THE IMPACT YOU WILL MAKE
The Defense and Response - Threat Detection - Senior Associate role will offer you the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:
- Engage with managers, HR, IR, Privacy & Compliance, and other partners to investigate employee and contractor actions that could pose a threat to Fannie Mae's networks, systems, and/or data.
- Present information to the team to ensure current understanding of Fannie Mae's information security activities and systems.
- Create advanced cyber indicators to maintain awareness of systems and alert when abnormal behavior is detected.
- Evaluate and recommend improvements to existing indicators to detect more advanced threats.
- Independently monitor cyber threats in real-time.
- Work with Incident Response to investigate threats and attacks.
Qualifications
THE EXPERIENCE YOU BRING TO THE TEAM
Minimum Required Experiences
- 2 years
Desired Experiences
- Bachelor's degree or equivalent
- Proficiency with SIEM technologies and data manipulation; demonstrated written and oral communication skills, with the ability to effectively communicate findings, outcomes, and necessary actions to a variety of audiences; and the ability to understand and apply technical concepts.
- Must be comfortable speaking to and questioning suspected individuals, along with their managers/directors and other involved partners, during the course of the investigation.
- Must be passionate about the team's mission, remain calm under pressure, be able to keep an open mind, set aside personal biases/feelings, and pivot quickly between activities based on changing priorities.
- Experience with investigations and response including subject/witness interviews.
- Risk management focus - the ability to make risk-based decisions and recommendations.
- Ability to learn new systems and high attention to detail.
- Independent thinker who works well with team members and with stakeholders to ensure program success.
- Demonstrated ability to identify patterns in data and translate those patterns into indicators.
- Understanding of insider threats and behaviors.
- Understanding of basic security concepts. This helps to identify potential gaps that an insider could use to steal data or to sabotage or misuse systems.
- Experience with security technologies such as Splunk and endpoint UEBA tools.
Skills
- Utilize security technologies and tools, identify and investigate activity in collaboration with managers, HR and IR to determine severity and intent, interview the employee or contractor if necessary, and use defined processes for response and recovery activities when necessary.
- Work with partner teams (Investigations, Incident Response, Detection, Cyber Incident Management, etc.) and internal customers to gather preliminary investigation data, assess the validity of the threat, determine intent, and determine if further investigation and/or action is needed.
- Utilize standard investigation techniques to gather and analyze information, and work with appropriate teams to prove or disprove allegations or suspicions with data and facts.
- Create focused communications for both technical and non-technical customers detailing the outcome of the investigation.
- Work with highly confidential and sensitive information, and brief internal customers (Information Security, HR, Legal, Privacy, etc.) on relevant findings on a need-to-know basis as determined by the sensitivity and severity of the investigation.
- Apply logic and organizational knowledge during data analysis to determine risk, threat, and possible impact.
- Think creatively to assess possible intentions and actions, even when presented with limited or incomplete data, and trust instincts to know when to continue or close an investigation.
Tools
- Experience with security technologies such as Splunk and Microsoft Purview/Compliance.
- Experience with endpoint UEBA tools such as DTEX and Splunk UBA.
- Skilled in the use of Endpoint Detection & Response tools.
- Skilled in signature development for detection-based tools.
- Experience with digital forensic tools & techniques.
Additional Information
JOB REFID: REF11542H
The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com.
Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at careers_mailbox@fanniemae.com.