
IT Risk Technical Lead (Hybrid - 3 Days in Office)

AT Freddie Mac

McLean, VA

At Freddie Mac, you will do important work to build a better housing finance system and you'll be part of a team helping to make homeownership and rental housing more accessible and affordable across the nation.

Position Overview:

Freddie Mac Home Loan Mortgage Corporation's goal is to make homeownership and rental housing more accessible and affordable. Our mission to provide liquidity, stability, and affordability to the U.S. housing market in all economic conditions extends to all communities from coast to coast.

The IT Risk Governance Team is part of the 1st Line within the Enterprise Operations & Technology (EO&T) Division at Freddie Mac. Team members on the IT Risk Governance team are highly skilled risk management professionals with a demonstrated ability to provide value-added risk management services to stakeholders. The team provides risk management support to the EO&T division. We work closely with all three lines of defense and with business partners on a series of risk governance and reduction activities.

The IT Risk Tech Lead will be part of the team and focus on reviewing the SOC reports of our critical suppliers, identifying and reporting deficiencies, engaging key stakeholders to address the control deficiencies, preparing comprehensive review reports, and maintaining all related records.

Our Impact:

In the contemporary business landscape, where data breaches and cyber threats are increasingly prevalent, ensuring the security and compliance of our critical suppliers is paramount. The growing complexity and sophistication of cyber threats necessitate a proactive approach to risk management. One effective measure is the thorough review of Service Organization Control (SOC) reports. These reports provide a comprehensive overview of the controls in place at service organizations, offering insights into their efficacy in safeguarding data and ensuring compliance with relevant standards. Providing due diligence through the thorough review of SOC reports allows the company to:

  • Assess Risk: Understanding the control environment of our suppliers enables us to identify potential vulnerabilities and threats that could impact our operations.
  • Ensure Compliance: SOC reports help ensure that our suppliers comply with industry standards and regulatory requirements, thereby reducing the risk of non-compliance penalties.
  • Enhance Trust: By verifying the robustness of our suppliers' controls, we can build and maintain trust with our stakeholders, including customers, investors, and regulatory bodies.
  • Improve Decision-Making: Comprehensive review of SOC reports aids in making informed decisions regarding supplier selection and management.

Your Impact:

Enable an effective, thorough SOC 1 and SOC 2 review process, ensuring that supplier risks are appropriately assessed and managed by its internal controls.

  • Reviewing SOC Reports: Conducting detailed reviews of SOC 1 and SOC 2 reports submitted by our critical suppliers
  • Identifying Risks and Issues: Highlighting any control deficiencies, vulnerabilities, or areas of non-compliance that may pose a risk to Freddie Mac
  • Reporting Findings: Preparing comprehensive reports that summarize the findings and recommendations for each reviewed SOC report
  • Collaborating with Stakeholders: Working closely with IT and risk management teams to address any identified issues and ensure remediation actions are implemented
  • Maintaining Records: Keeping detailed records of all reviewed SOC reports, findings, and actions taken for future reference and audits

Qualifications:

  • At least 10 years of operational risk management related professional experience including risk, control, policy and standard compliance. Experience in Information Technology or Information Security and financial reporting is preferred
  • Technical understanding of SOC 1 and 2: familiarity with the SOC 1 ICFR and SOC 2 Trust Service Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy), and understanding of the control objectives and relevant criteria
  • Risk Assessment Skills: Ability to evaluate the supplier's control environment and identify key risks related to financial reporting, data security, privacy, and operational resiliency, and how these risks align with Freddie Mac's risk tolerance and regulatory requirements
  • Knowledge of Internal Controls: Familiarity with controls around financial reporting, IT infrastructure, data management, incident response, cyber security, and access management. This enables an assessment of the supplier's operational reliability and control strength.
  • Regulatory and Compliance Knowledge: Understanding of relevant industry standards and regulations applicable to the supplier organizations and Freddie Mac

Keys to Success in this Role:

  • Analytical and interpretive skills to accurately interpret audit opinions, findings, exceptions, and complementary user entity controls
  • Detail-oriented and results-driven with a sense of urgency
  • Excellent written and verbal communication and presentation skills
  • Proficiency with project management
  • Ability to multitask
  • Knowing what is needed to deliver results
  • Intellectual agility and interpersonal flexibility
  • Committed, consistent, collaborative, and curious

Current Freddie Mac employees, please apply through the internal career site.

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others.

We are an equal opportunity employer and value diversity and inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by applicable law. We will ensure that individuals with differing abilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type: Full time

FLSA Status: Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $127,000 - $191,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.

Client-provided location(s): McLean, VA, USA
Job ID: Freddie_Mac-JR14203
Employment Type: Other