The role will report to the Senior Director of Cloud Security Architecture and will collaborate with Enterprise Architects and Application Dev teams to come up with Security Architecture for applications and enterprise tech capabilities migrating to Cloud.THE IMPACT YOU WILL MAKE
The Cloud Security - Architecture - Principal will leverage broad technical knowledge of cloud security best practices of key public cloud offerings of providers such AWS, Azure, and GCP to establish secure design patterns, to architect integrations among cloud and/or on-premises infrastructures. The individual must have deep understanding of cloud policy, security technical architecture and have implemented solutions in a cloud environment. Knowledge of industry best practices around cloud security compliance and architect cloud security practices. This individual must be able to assist in ensuring the security and compliance of the cloud environment based on enterprise cloud security policies, standards, and procedures. The role will ensure that solutions operating on the cloud comply with enterprise security requirements in both off-premises and hybrid environment models. A candidate should expect the following responsibilities:
- Partner with InfoSec Product owners and EnterpriseArchitecture team to collaboratively develop security architectures/designs leveraging approved patterns that ensure applications migrating from on-premises to Cloud, achieving high standards of security practices and compliance.
- Drive the development and adoption of cloud security standards, best practices, and technologies within InfoSec
- Liaise on security-related issues with InfoSecstakeholders
- Work to develop, enhance and document security architecture, security policies, patterns, procedures, guidelines, and standards required to design cloud-based solutions
- Educate information security architects on secure solution design and industry best security practices
- Work on assessments of compliance and standards including and not limited to NIST, FedRAMP, FIPS, etc.
- Support threat modeling and update information security architecture as needed.
- Support InfoSec product squads with Security implementations and issues
QualificationsMinimum Required Experiences
- 8 years of experience in an Information Technology profession
- Minimum of 5 years of experience in IT security risk assessments and related frameworks (e.g., NIST 800 series, ISO 27000 series, IT General Controls
- 4+ years of experience in AWS as a Cloud Security Architect/Engineer
- AWS Solution Architect Associate or Professional certification
- AWS Security Speciality certification
- Experience identifying and determining levels of risk to an organization's networks and systems using cybersecurity techniques
- Bachelor degree or equivalent
- Additional certifications: Sec+, CSA, Azure Sec, GCP Sec
- Security engineering/administration background leveraging IAM/PKI, SIEM, Network firewalls, host-based security, and security configuration
- Cloud agnostic security architecture experience a plus
- Serve as an expert in Fannie Mae’s Information Security capabilities, solutions policies, procedures, and standards.
- Act to apply NIST frameworks on all cloud patterns, capabilities, and application migrations
- Influence technical patterns and capabilities to apply security and cloud policy to shift left in the development processes
- Act as a central point of contact for all conceptual knowledge of regulations for PCI, Sarbanes-Oxley, GLBA, and FISMA
- Responsibilities include setting the compliance strategy for infrastructure and application build, deploy, monitor, and operate applications.
- Candidate should have architected applications at scale on modern cloud native architectures (AWS).
- The candidate needs expertise to architect cloud native infrastructure using containerization and microservices transformation in application APIs and address platform operational security concerns.
- Plan and document design methods for the optimization and integration of various technology platforms, tools, policies, and principles that lead to target state implementation with cloud policy and compliance.
- Deep Knowledge in containerization of applications, design, and deployment
- Skilled in Amazon Web Services (AWS) offerings, development, and networking platforms
- Experience with Agile Tools and methodologies
- Experience in object-oriented programming preferable JAVA, Python, etc.,
- Knowledge of storage software platforms such as NetApp, Nimble, and Pure Storage
- Knowledge of ITSM Tools e.g., ServiceNow to manage digital workflows
- Experience using APIs for developing or programming software
- Skilled in CICD Tools and Pipelines
- Knowledge of virtualization software such as Microsoft Hyper-V, VMWare vSphere, or Citrix XenDesktop.
- Container Security experience to protect container workloads during build and run-time
- API Security architecture experience with industry standard API Gateways
- Skills related to Relationship Management including managing and engaging stakeholders, customers, and vendors, building relationship networks, contracting, etc.
- Skilled in presenting information and/or ideas to an audience in a way that is engaging and easy to understand
- Experience working with people with different functional expertise at all levels including leadership torespectfully and cooperatively work toward a common goal
- Skills related to influencing including negotiating, persuading others, facilitating meetings, and resolving conflict
Additional InformationJOB REFID: 10063Q
In response to COVID-19, Fannie Mae has adapted ourworkplace and hiring processesto better safeguard our employees, candidates, and new hires.We understand that this is an unprecedented situation and Fannie Mae is committed to creating protocols for these processes that are agile and conform with federal, state, and local health administration guidance. While the company's operating status for on-site work is currently voluntary, the majority of Fannie Mae's workforce is remote until further notice. We continue to conduct all interviews and onboarding virtually. In addition, all employees who wish to come on site must be fully vaccinated against COVID-19 and enter their vaccination information into a confidential HR system before arriving at the facility, unless they have an approved accommodation.Click hereto go directly to information about accommodations.The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com.Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at [emailprotected]