As a valued contributor to our team, you will consult with the team and management in assessing and identifying potential risks that may threaten our reputation, safety, security, and/or financial success, as well as consult on communicating and collaborating with key stakeholders across the enterprise, and understand business objectives.
THE IMPACT YOU WILL MAKE
The SF Operational Risk - Risk Management - Principal role will offer you the flexibility to make each day your own, while working alongside people who care so that you can deliver on the following responsibilities:
- Consult with team to understand the risk landscape for key risk areas listed above and support risk management activities that drive to address risks or potential risks as well as make process recommendations to management.
- Advise management on the impact of proposed risks to the enterprise and recommend updates and changes.
- Recommend changes and updates to management about processes to reduce risk
- Collaborate with management to make recommendations on resolutions and control guidelines.
- Partner with management to develop business strategies and make decisions that will drive success in the face of shifting consumer behaviors and regulations.
- Partner with first and second lines of defense and other peer risk teams to understand the landscape of risk for SF across the various risk types listed above, develop approach to gathering appropriate data and information and communicating to the SFOR Business Risk teams as well as to the SF business unit as appropriate.
- Act as SME for the various risk types for SFOR and SF and educate the team and business to bring them along on the journey.
THE EXPERIENCE YOU BRING TO THE TEAM
Minimum Required Experiences
Desired Experiences
- Bachelor’s degree in Computer Science, Information Technology, Information Systems, Risk Management, or related field.
- Technical Certifications a plus: Certified Cloud Security Professional (CCSP), CompTIA Cloud+, (Cisco Certified Network Professional) CCNP, AWS Certified Solutions Architect, Microsoft Certified Azure Developer or Engineer, Google Professional Cloud Network Engineer
- Risk Management and/or Operational Risk Certifications a plus (e.g. American Business Association certifications, Risk Management Professional)
- Must have strong, proven experience specifically in Technology/Information Security/Cyber Risk Management/Cloud background, Data Risk Management, 3rd party risk management (including experience in 4th party risk management) and/or Model Risk Management
- Working knowledge of technology risk, 3rd party risk and model risk management frameworks, methodologies, and standards, such as COBIT, ISO 27001, NIST, etc.
- Experience working in first and/or second line risk organizations in support of Technology/IS, Data, Third Party and/or Model risk programs.
Skills
- Risk framework development and understanding including identifying risks, evaluating, designing and documenting controls, conducting impact assessments, identifying control gaps, remediating risk, audits, regulatory exams, etc.
- Skilled in creating visual concepts, creating content, and editing content by hand or with the help with computer software to communicate ideas
- Working with people with different functional expertise respectfully and cooperatively to work toward a common goal
- Framework and governance development including designing and establishing frameworks, developing roadmaps, translating into needs of the team and business, etc.
- Skilled in presenting information and/or ideas to an audience in a way that is engaging and easy to understand, specifically to Executive and Senior Leadership
- Influencing including negotiating, persuading others, facilitating meetings, and resolving conflict
- Relationship Management including managing and engaging stakeholders, customers, vendors, and building relationship networks
- Experience helping an organization to plan and manage change in effort to meet strategic objectives
- Adept at managing project plans, resources, and people to ensure successful project completion
- Experience identifying and selecting strategic options, and identifying resources to meet the defined objectives
Tools
- Experience using Risk Works
- Skilled in InfoPath
- Experience using SharePoint
- Skilled in Tableau
- Skilled in MS Office Tools
- Experience using Fusion Risk Management
- Skilled in Plan It for scheduling
- Skilled in Microsoft Teams
- Skilled in Visio
The future is what you make it to be. Discover compelling opportunities at careers.fanniemae.com.
Fannie Mae is primarily a hybrid company. We embrace flexibility for our employees while providing office space for in-person work and collaboration. This role is classified as (Remote/Hybrid/Onsite). If you speak with a Recruiter, they will provide you with more information about the definition of this classification.
Fannie Mae is an Equal Opportunity Employer, which means we are committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, religion, national origin, gender, gender identity, sexual orientation, personal appearance, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation in the application process, email us at [email protected].
The hiring range for this role is set forth on each of our job postings located on Fannie Mae's Career Site. Final salaries will generally vary within that range based on factors that include but are not limited to, skill set, depth of experience, certifications, and other relevant qualifications. This position is eligible to participate in a Fannie Mae incentive program (subject to the terms of the program). As part of our comprehensive benefits package, Fannie Mae offers a broad range of Health, Life, Voluntary Lifestyle, and other benefits and perks that enhance an employee’s physical, mental, emotional, and financial well-being. See more here.