Senior Security Solutions Architect
- Reston, VA, USA
- Employees can work remotely
At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities to modernize the nation's housing finance system while being part of an inclusive team using new, emerging technologies. Here, you will help lead our industry forward, enhance your technical expertise, and make your career.
As a valued colleague on our team, you will design, develop, test, and/or maintain moderately to complex hardware, technology, and/or processes. Specifically, this position will act as a senior DevSecOps Security Architect, focused on designing, building, and delivering automated security testing capabilities for key security controls. This includes ensuring compliance at all stages of the SDLC, and ensuring that development teams have the information necessary to build secure and compliant solutions as early as possible by injecting security control testing as part of “shift-left” methodologies. This role will primarily be solving full-stack control solutions aligned to NIST 800-53 to further mature our infrastructure, service, and application delivery on cloud native solutions.
THE IMPACT YOU WILL MAKE
The Information Security Technology - Engineering - Lead Associate role will offer you the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:
- Determine customer needs, and while identifying and resolving conflicting and/or complementary needs across customer groups.
- Apply advanced skill, knowledge, and experience to design and develop technical solutions to meet customer needs.
- Use a process-driven approach in designing solutions.
- May maintain or oversee the maintenance of existing technical solutions.
- Apply advanced skill, knowledge, and experience to design and develop technical solutions to meet information security and compliance goals
- Use a process-driven approach in developing security and compliance focused solutions.
- Deliver transformational solutions that mature the enterprise’s security control posture and further enable the business to deliver new solutions securely.
THE EXPERIENCE YOU BRING TO THE TEAM
Minimum Required Experiences
- 4 years
- Bachelor’s degree or equivalent
- AWS Security Specialty certification
- AWS Solutions Architect Associate or Professional certifications
- AWS Developer Certification
- Proficient in cloud security architecture and security controls (Required: AWS, Optional: Azure, GCP, SaaS)
- Strong working knowledge of AWS Architecture and Services with large enterprise-level experience
- Experience with DevSecOps principles and implementing security capabilities in CI/CD pipelines, and in all phases of the SDLC lifecycle
- Experience in Security Control Testing and Compliance Validation Testing
- Ability to implement infrastructure as Code (IaC) to integrate security using CloudFormation, Terraform, Sentinel or similar.
- Experience with establishing and implementing baselines, security controls that enforce them, and Compliance as Code that checks, tests, and validates control effectiveness.
- Well-versed in hands-on AWS service management (i.e., Roles, Orgs/OUs, Accounts, CLI/SDK, etc.)
- Strong foundation of core information security domains, principles, and best practices
- Familiarity with industry frameworks (FedRAMP, NIST, CIS Benchmarks, other compliance frameworks)
- Ability to create dashboards and reports to demonstrate compliance with internal and external/regulatory requirements
- Ability to frame ideas as systems and analyzing the inputs, outputs, and process.
- Code-level application security (IAM, encryption, logging and monitoring etc.)
- Skilled in establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information
- Adept at managing project plans, resources, and people to ensure successful project completion
- Experience identifying measures, or indicators of compliance drifts, and the actions needed to improve or correct to achieve desired outcomes.
- Skilled in actively and formally mentoring others.
The future is what you make it to be. Discover compelling opportunities at Fanniemae.com/careers.
Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at [email protected]