Security Engineer III
Company: Fannie Mae
Posted on: January 12, 2019
Fannie Mae provides reliable, large-scale access to affordable mortgage credit in communities across our nation. We are the leading source of funding for housing in America, which means more people can buy or rent a home. We are focused on sustaining the housing recovery, improving our company, and leading change to make housing better.
Join our diverse, high-performing team and make a difference as we work together to enable access to a good home.
For more information about Fannie Mae, visit
Design and implement systems and procedures to sustain the security, integrity, and availability of the organization's data. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them. Track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security. May participate in simulated attacks or security violations to assess the organization's data security measures. Ideal candidate will be responsible for demonstrating an understanding of cybersecurity, networking traffic analysis, HTML traffic analysis, fraud detection, threat hunting, F5 Big-IP, and WAF security policies, and configuring/managing F5 ASM and APM modules. You will heavily interact with numerous business areas and business unit representatives to ensure WAF coverage.
KEY JOB FUNCTIONS
- Lead platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor Security Operations pager and respond to issues of potential viral activity, spam, phishing, etc.
- Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
- Investigate events or incidents of apparent security breaches, report to appropriate authorities using corporate procedures, and recommend or plan remedial activities.
- Confer and collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported.
- May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.
- Analyze metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; identify trends and recommend a data-driven course of action.
- Plan and manage projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. Provide guidance to infrastructure or application staff participating in exercise.
- Lead development and/or implementation of new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.
- Making recommended code, policy, and iRule changes to ensure interoperability with the WAF.
- Writing ASM policies to support blocking of OWASP Top 10 attack vectors along with published vendor CVEs and internal team recommendations.
- Setting up new ASM policies in learning mode and updating policies with recommended changes.
- Capable of working a flexible schedule.
EDUCATION
- Bachelor's Degree or equivalent required.
MINIMUM EXPERIENCE
- 6+ years of related experience.
SPECIALIZED KNOWLEDGE & SKILLS
- 6-8 years of experience as system or network administrator or a support specialist in a SOC environment. Solid understanding of basic fundamentals in TCP/IP and the OSI model as well as common routing protocols. Scripting is a plus. Experience working with firewalls and IDS technologies is required.
- Problem-solving skills complemented by experience in solving information security device and application issues with customers are a must.
- SOC/NOC experience desired. Good verbal and written communication skills as well as attention to detail.
- Must have advanced experience in basic deployments with firewall, IDS, mailing and/or WAF technologies.
- Demonstrated mentoring and leadership capabilities and technical project planning from onboarding to implementation to execution phases.
- Exceptional customer service skills and interpersonal skills. Ability to work in small teams. Must be able to work in a 24x7 shift schedule.
- Must be able to resolve highly complex and technical business problems.
- Proven project management skills required. Ability to train all levels of staff to create Tier 2/3 expertise.
- Must be a Subject Matter Expert in 2 or more of the applicable Infosec SOC supported technologies.
- Be able to perform scripting in multiple languages to solve for integration and routine/repeatable tasks.
- Be able to perform threat modeling to identify use cases based on SANS / OWASP / NIST.
- Tailor security controls for recent threat agents, attack vectors, and attack patterns to reduce risk to acceptable level, thus enabling informed risk management decisions.
- Subject Matter expert with F5 products & technology (GTM, LTM, SSL offloading, ASM, APM, AFM etc.).
- Analyzing application layer 7 traffic flows for integration with Big-IP ASM.
- Using ArcSight and Splunk for the analysis of event logs to take action or update policies as required.
- Desired certifications are Security+, Network+ / CENT, CCIE, CCNA, CEH, OWASP, CISSP.
- Experience working with OS / LINUX / WINDOWS / MAC environments.
- Experience with Directory Services, Network Protocols, and knowledge of multiple databases.
EMPLOYMENT
As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation. Fannie Mae is an Equal Opportunity Employer.
Req ID: 55126
Keywords: Fannie Mae, Reston, Security Engineer III, Engineering, Reston, Virginia