Freddie Mac
Information Security Operations And Engineering Role
At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose. This role will be part of the Information Security Operations and Engineering department. This position is responsible for providing Public Key Infrastructure (PKI), Cryptography, Certificate and Key Management (KCM), Data-at-Rest and Data-in-Transit Encryption support for the infrastructure and applications across multi-site enterprise cloud and data center environments. This position has an on-call requirement and could require after-hours support on weekdays and weekends to support Incidents. Our team is a dynamic, hard-working team that is tasked with providing cryptography expertise to the firm, including encryption (at-rest and in-transit) and key management services. Your impact: Technical leadership Support of design, build and operations Change agent Team leadership Qualifications: Bachelor's Degree in Information Technology, Engineering, Computer Science, related field or equivalent experience. At least 8-10 years of relevant experience in IT Security. 5+ years of experience planning, designing and implementing of PKI infrastructure, including integration with core infrastructure components (servers, desktops and other devices) to automate the management of the certificate lifecycle (issuance, notification of expiration/revocation, replacement with restart of impacted services) and SSH keys in a large organization. Experience with scripting languages Python, PowerShell, shell scripting, JavaScript, Perl, SQL. Possess good working knowledge of PKI Cryptographic solutions, SSL/TLS, multi-factor authentication, X.509 token, single sign-on, federated identity, SSH and certificate management solutions. Knowledge of security issues, techniques and implications across computing platforms. Knowledge of Ping, SMARTCARD and Multifactor authentication. Knowledge of information security standards (e.g., ISO, NIST). Exposure to varied operating systems UNIX/Linux, Windows. Experience designing and implementing cloud-based solutions. Experience with operational server and client use of PKI for Network Authentication, TLS (cipher suite) configuration across multiple systems/clients (Windows, Linux), enrollment and installation and troubleshooting experience. Experience with AppViewX, EJBCA, AWS KMS, ADCS, Vormetric, Venafi a plus. Experience with use of PKI for systems and processes supporting web presence (Web PKI), including Apache, Weblogic, and other front-end servers and processes. General understanding of key IT components Secure LDAP, Networking, firewall, load balancing, Federated Identity. Key to success in this role: Works autonomously to provide technical guidance to the team. Good communication and team player. Strong written and oral communications skills. Proactive in nature with customer satisfaction as primary goal. Innovative in providing solutions, likes to take on challenges with calculated risk. Quick learner of new technologies and tools. Detail oriented mindset Eager to learn new technologies as organizational evolution is incurred
At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose. This role will be part of the Information Security Operations and Engineering department. This position is responsible for providing Public Key Infrastructure (PKI), Cryptography, Certificate and Key Management (KCM), Data-at-Rest and Data-in-Transit Encryption support for the infrastructure and applications across multi-site enterprise cloud and data center environments. This position has an on-call requirement and could require after-hours support on weekdays and weekends to support Incidents. Our team is a dynamic, hard-working team that is tasked with providing cryptography expertise to the firm, including encryption (at-rest and in-transit) and key management services. Your impact: Technical leadership Support of design, build and operations Change agent Team leadership Qualifications: Bachelor's Degree in Information Technology, Engineering, Computer Science, related field or equivalent experience. At least 8-10 years of relevant experience in IT Security. 5+ years of experience planning, designing and implementing of PKI infrastructure, including integration with core infrastructure components (servers, desktops and other devices) to automate the management of the certificate lifecycle (issuance, notification of expiration/revocation, replacement with restart of impacted services) and SSH keys in a large organization. Experience with scripting languages Python, PowerShell, shell scripting, JavaScript, Perl, SQL. Possess good working knowledge of PKI Cryptographic solutions, SSL/TLS, multi-factor authentication, X.509 token, single sign-on, federated identity, SSH and certificate management solutions. Knowledge of security issues, techniques and implications across computing platforms. Knowledge of Ping, SMARTCARD and Multifactor authentication. Knowledge of information security standards (e.g., ISO, NIST). Exposure to varied operating systems UNIX/Linux, Windows. Experience designing and implementing cloud-based solutions. Experience with operational server and client use of PKI for Network Authentication, TLS (cipher suite) configuration across multiple systems/clients (Windows, Linux), enrollment and installation and troubleshooting experience. Experience with AppViewX, EJBCA, AWS KMS, ADCS, Vormetric, Venafi a plus. Experience with use of PKI for systems and processes supporting web presence (Web PKI), including Apache, Weblogic, and other front-end servers and processes. General understanding of key IT components Secure LDAP, Networking, firewall, load balancing, Federated Identity. Key to success in this role: Works autonomously to provide technical guidance to the team. Good communication and team player. Strong written and oral communications skills. Proactive in nature with customer satisfaction as primary goal. Innovative in providing solutions, likes to take on challenges with calculated risk. Quick learner of new technologies and tools. Detail oriented mindset Eager to learn new technologies as organizational evolution is incurred