Position : Information Security Analyst
Location : Mclean, VA
Duration : Fulltime
· Perform security risk assessments (SRA) according to the Freddie Mac SRA framework and IS standards
· Perform vendor security risk assessments according to the Freddie Mac SRA framework and IS standards
· Receive and review documentation from the vendors and stakeholders and responses to the applicable questionnaire
· Determine gaps/findings based upon documentation provided
· Request for supplemental documentation, when applicable
· Demonstrate knowledge of Freddie Mac?s lines of business in execution of risk assessments
· Demonstrate deep technical expertise in execution of risk assessments
· Document identified IS risks to incorporate relevance and impact to Freddie Mac systems, infrastructure and business process
· Understand and communicate how vulnerabilities can be exploited within technology and the Freddie Mac environment in a manner that resonates with the business areas
· Provide remediation recommendations and/or recommend alternate solutions to resolve exceptions to IS Standards.
· Assist in identifying and communicating application control deficiencies and the associated risks.
· Develop and maintain relationships with internal and external customers to manage IS risks
· Research and maintain knowledge base regarding information security issues, solutions and potential implications for Freddie Mac.
· Support requirements gathering and design efforts of critical projects as needed.
· Communicate effectively orally and in writing and express conclusions and recommendations in a clear, technically sound manner.
· Provide quality control reviews and guidance to junior staff members on performing risk assessments, assigning risk ratings and analyzing mitigating actions
Work: +1- 516-545-0728