Playing an essential role in the U.S. economy, Fannie Mae is foundational to housing finance. Here, your expertise can help fuel purpose-driven innovation that expands access to homeownership and affordable rental housing across the country. Join Fannie Mae to grow your career and help people find a place to call home.
Job Description
In this compelling leadership position, you will plan and direct a function and team responsible for designing, developing, testing, or maintaining hardware, technology, or processes, and ensure the coordination of business unit operational activities.
The Senior Director of Security Configuration Management & Cyber Governance is a strategic cybersecurity leader responsible for establishing, governing, and continuously improving enterprise-wide security configuration management, cyber governance, compliance, and risk oversight programs. This role ensures the organization's technology assets, platforms, and services are securely configured, governed according to industry best practices, and aligned with regulatory, business, and risk management objectives.
The Senior Director will lead multidisciplinary teams responsible for security baselines, configuration standards, governance frameworks, policy management, compliance oversight, control effectiveness, and cyber risk reporting. This leader serves as a trusted advisor to executive leadership, technology organizations, audit partners, regulators, and business stakeholders to strengthen the organization's cybersecurity posture while enabling business transformation and innovation.
Strategic Information Security Leadership & Governance
Provide executive-level reporting on cyber risk, control effectiveness, compliance posture, and configuration management maturity aligned with risk appetite
Partner with business, technology, risk, legal, compliance, and audit stakeholders to ensure consistent governance practices across the Information Security organization.
Security Configuration Management
Establish enterprise security configuration standards, baselines, and hardening requirements across Cloud, SaaS and On Prem software services.
Lead security configuration management assessments and audits conducted by internal audit, regulators, and external parties. Ensure effective remediation of audit findings and regulatory observations.
Lead development of governance dashboards, scorecards, and metrics that provide transparency into control performance, compliance posture, risk trends, and remediation progress.
Present cybersecurity risks, trends, and remediation status to executive leadership, risk committees, and governance forums.
Leadership & People Management
Build, lead, mentor, and develop high-performing teams focused on security governance, security configuration management, and cyber risk oversight.
Drive workforce planning, succession planning, talent acquisition, and leadership development initiatives.
Promote strong partnerships across technology, security operations, engineering, architecture, risk, compliance, and business functions.
Minimum Required Experiences
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field.
8 years of progressive experience in cybersecurity, information security, risk management, governance, or technology leadership roles.
Demonstrated experience leading enterprise-scale security configuration management, cyber governance, risk, compliance, or security engineering programs.
Deep understanding of cybersecurity frameworks, standards, and regulations including NIST CSF, NIST 800-53, CIS Controls, ISO 27001, COBIT, and relevant regulatory requirements.
Deep knowledge of cloud security, infrastructure security, endpoint security, security configuration management, and security operations.
Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Systems, Risk Management, or related field.
Strong understanding of regulatory requirements applicable to financial services or highly regulated industries.
Shows curiosity and adaptability in learning and responsibly applying new technologies, including artificial intelligence, to reimagine how we work.
Desired Experiences
Master's degree in Cybersecurity, Information Security, Business Administration, or related discipline.
Industry certifications such as CISSP, CISM, CRISC, CGEIT, CISA, or equivalent.
Experience within highly regulated industries such as financial services, government, healthcare, or critical infrastructure.
Knowledge of DevSecOps, Infrastructure as Code (IaC), automated compliance monitoring, and security orchestration technologies.
Qualifications
Active Directory (AD), Active Directory (AD), Amazon Web Services (AWS), Artificial Intelligence (AI), Atlassian JIRA, Authentication Management, Backup and Recovery (Software), Business Insight Skills, Business Process Management Skills, Calendar and Scheduling Tools, Cleaning and Transforming Data, Cloud Technology, Collaborating Cross-Functionally, Communicating in Technical Writing, Communicating Technical Information, Communication, Configuration Management (CM), Conflict Resolution, Coordination, Customer and Market Insights, Customer Relationship Management (CRM), CyberArk, Cybersecurity Analysis, Data Analysis, Data Analysis Interpretation {+ 60 more}
Education:
Bachelor's Level Degree (Required), Master's Level Degree
The future is what you make it to be. Discover compelling opportunities at Fanniemae.com/careers.
For most roles, employees are expected to work onsite on a regular basis at their designated office location. In-office work cadence is determined by your manager. Proximity within a reasonable commute to your designated office location is preferred unless the job is noted as open to remote.
Fannie Mae is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity/gender expression, marital or parental status, or any other protected factor. Fannie Mae is committed to providing reasonable accommodations to qualified individuals with disabilities who are employees or applicants for employment, unless to do so would cause undue hardship to the company. If you need assistance using our online system and/or you need a reasonable accommodation related to the hiring/application process, please complete this form.
The hiring range for this role is set forth below. Final salaries will generally vary within that range based on factors that include but are not limited to, skill set, depth of experience, certifications, and other relevant qualifications. This position is eligible to participate in a Fannie Mae incentive program (subject to the terms of the program). As part of our comprehensive benefits package, Fannie Mae offers a broad range of Health, Life, Voluntary Lifestyle, and other benefits and perks that enhance an employee's physical, mental, emotional, and financial well-being. See more here.
Requisition compensation:
226000
to
306000