Defense and Response - Threat Detection - Senior Associate

Reston, VA, United States

Applications have closed

Fannie Mae

We facilitate equitable and sustainable access to homeownership and quality, affordable rental housing across America.

View company page

Company Description

At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities to modernize the nations housing finance system while being part of an inclusive team using new, emerging technologies. Here, you will help lead our industry forward, enhance your technical expertise, and make your career.

 

 

Job Description

As a valued colleague on our team, you will monitor and evaluate threats to Fannie Mae's cybersecurity. In this role, you will set up checks and warnings to alert management when suspicious activity is detected.

The Insider Risk Program helps protect Fannie Mae's confidential and sensitive information from anyone with authorized access who might attempt to sabotage systems or products, steal company information, or violate security controls. The Insider Risk Analyst will use a variety of techniques and tools to analyze potential indicators and investigate events for potentially harmful activity within Fannie Mae's network and systems.


THE IMPACT YOU WILL MAKE
The Defense and Response - Threat Detection - Senior Associate role will offer you the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:

  • Engage with managers, HR, IR, Privacy & Compliance, and other partners to investigate employee and contractor actions that could pose a threat to Fannie Mae's networks, systems, and/or data.
  • Present information to team to ensure current understanding of Fannie Mae's information security activities and systems.
  • Create advanced cyber indicators to maintain awareness of systems and alert when abnormal behavior is detected.
  • Evaluate and recommend improvements to existing indicators to detect more advanced threats.
  • Independently monitor cyber threats in real-time.
  • Work with Incident Response to investigate threats and attacks.

Qualifications

THE EXPERIENCE YOU BRING TO THE TEAM

Minimum Required Experiences

  • 2 years


Desired Experiences

  • Bachelor degree or equivalent
  • Proficient with SIEM technologies, data manipulation, have demonstrated written and oral communication skills and be able to effectively communicate findings, outcomes and necessary actions to a variety of audiences as well as the ability to understand & apply technical concepts.
  • Must be comfortable speaking to and questioning suspected individuals; along with their managers/directors, and other involved partners during the course of the investigation.
  • Must be passionate about the team's mission, remain calm under pressure, be able to keep an open mind, set aside personal biases/feelings, and pivot quickly between activities based on changing priorities.
  • Experience with investigations and response including subject/witness interviews.
  • Risk management focus - the ability to make risk-based decisions and recommendations.
  • Ability to learn new systems and high attention to detail.
  • Independent-thinker who works well with team members and with stakeholders to ensure program success.
  • Demonstrated ability to identify patterns in data and translate those patterns into indicators.
  • Understanding of insider threats and behaviors.
  • Understanding of basic security concepts. This will help to identify potential gaps in which an insider could steal data or use to sabotage/misuse systems.
  • Experience with security technologies such as Splunk, and endpoint UEBA tools


Skills

  • Utilize security technologies and tools, identify and investigate activity in collaboration with managers, HR and IR to determine severity and intent, interview the employee or contractor if necessary, and use defined processes for response and recovery activities when necessary.
  • Work with partner teams (Investigations, Incident Response, Detection, Cyber Incident Management, etc) and internal customers to gather preliminary investigation data, assess the validity of the threat, determine intent, and determine if further investigation and/or action is needed.
  • Utilize standard investigation techniques to gather and analyze information, and work with appropriate teams to prove or disprove allegations or suspicions with data and facts.
  • Create focused communications for both technical and non-technical customers detailing the outcome of the investigation.
  • Work with highly confidential and sensitive information, brief internal customers (Information Security, HR, Legal, Privacy, etc) on relevant findings on a need to know basis as determined by sensitivity and severity of the investigation.
  • Apply logic and organizational knowledge during data analysis to determine risk, threat, and possible impact.
  • Think creatively to assess possible intentions and actions, even when presented with limited or incomplete data, and trust instincts to know when to continue or close an investigation.


Tools

  • Experience with security technologies such as Splunk and Microsoft Purview/Compliance.
  • Experience with endpoint UEBA tools such as DTEX and Splunk UBA.
  • Skilled with usage of Endpoint Detection & Response tools.
  • Skilled in signature development for detection based tools.
  • Experience with digital forensic tools & techniques.

Additional Information

JOB REFID: REF11542H

The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com.

Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at careers_mailbox@fanniemae.com.
 

The hiring range for this role is set forth above. Final salaries will generally vary within that range based on factors that include but are not limited to, skill set, depth of experience, certifications, and other relevant qualifications. This position is eligible to participate in a Fannie Mae incentive program (subject to the terms of the program). As part of our comprehensive benefits package, Fannie Mae offers a broad range of Health, Life, Voluntary Lifestyle, and other benefits and perks that enhance an employee’s physical, mental, emotional, and financial well-being. See more here.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Compliance Finance Incident response Privacy Risk management SIEM Splunk Threat detection

Perks/benefits: Career development Health care Team events

Region: North America
Country: United States
Job stats:  8  0  0
Category: Threat Intel Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.