Cyber Security Sr

Information Technology
Herndon, VA
March 20, 2017

Position Overview

The Security Intelligence and Operations Center Senior provides technical support for the Security Monitoring function within the Cyber Security team. The role involves analysis and hands-on investigation within a dynamic environment, extending across event monitoring, security intelligence, threat analysis, and use of advanced threat detection technologies. Builds, develops, and maintains relationships with internal and external customers, the Cyber Security Team, and vendors in support of infrastructure and systems within Information Security at Freddie Mac. Clearly understands team, department and company goals, demonstrating the ability to translate them into specific performance goals, and drives tasks to completion. This position reports to the Security Intelligence and Operations Center Manager.

Responsibilities include:

* Daily monitoring of event collection, security intelligence and emerging threat information sources including SIEM, vendors, researchers, websites, newsfeeds and other sources
* Performs analysis of all threat/vulnerability sources, assessing any impacts to Freddie Mac infrastructure and systems; provides an assessment, recommendations and potential actions correlative to the security threat posture; and matures the current vulnerability and scanning/assessment capabilities.
* Coordinates response, triage and escalation activities for security events affecting the company’s information assets and activities with the incident response team as part of the security incident response lifecycle.
* Identifies and creates use cases within the SIEM tool
* Serves as one of the technical experts on the team
* Develops communication channels with technology owners and the business to evangelize the evolving threat landscape.
* Must be able to present to different audiences (business, technical and management) and adjust accordingly, in either structured or ad hoc presentations. Must be able to establish and maintain business relationships with individual contributors as well as management.
* Leads efforts in the improvement and development of process/procedure manuals and documentation for the escalation of threat intelligence, advanced persistent threat detection, vulnerability analysis and incident response handling.
* Maintains a continuous process improvement work environment for security monitoring, security configuration standards and threat analysis, recommending and implementing new/improved processes in accordance with existing policy, industry standards and best practices.


* 5+ years of Information Security or related technology experience
* 3+ years of Information Security Incident and Event Monitoring experience
* 3+ years of experience with advanced knowledge of network protocols, routing and switching in complex environments
* Experienced with using the command line interface (Unix, Linux, and Windows)
* Advanced scripting experience (Python, Shell, Bash, Java, etc.)
* Ability to communicate clearly, effectively, persuasively and credibly with internal and external customers and various levels of management both verbally and in written form
* Self-starter with the ability to work independently or within a dynamic team environment
* Attention to detail, logical and analytical thinking and systematic problem solving capability
* Adept with researching and investigating anomalies
* Experience working in a Security Operations Center (SOC) environment
* Relevant security knowledge and experience in two or more of the following areas: security operations, security intelligence, threat analysis, security event management, log analysis, and network/host intrusion detection
* Prior experience with system and security administration of multiple platforms and operating systems such as Unix/Solaris/AIX/Linux, Databases and Microsoft Windows
* Demonstrated experience with using and/or implementing SIEM technology (Splunk, ArcSight, QRadar, etc.) and use cases.
* Demonstrated experience in handling SIEM events and response in critical environments (Email Threat Analysis, Web Threat Analysis, Malware Analysis, etc.)
* Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)

Preferred Skills

* Bachelor’s degree in Computer Science, Information Technology or Business Management
* Experience in the financial services industry
* Experience with Sarbanes-Oxley Compliance
* Advanced knowledge of the following: Programming, SQL, Firewalls, WAF, Advanced Persistent Threats, Zero Day Exploits, Reverse Engineering Malware, Vulnerability Analysis/Assessment and Data Loss Prevention
* Proven ability to lead and influence across and up during business impacting events
* Ability to influence and guide decision making in crisis moments
* GCIA, GCIH, CISSP or CCNA certification is preferred (Other relevant security certifications will be considered such as CEH and GREM)

Closing Statement

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.