Senior Technical Lead, Information Security

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it’s at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview:

Seeking a Senior Technical Lead, Information Security Engineer to join the Cloud Security Engineering team. The candidate will be primarily responsible for ensuring robust cloud security, with a strong focus on evaluating and implementing security measures that protect cloud infrastructure, data, and APIs.

Our Impact:

This team is tasked with providing protection and security configuration management to the enterprise.

Your Impact:

• Serve as the principal engineer for secure cloud solutions, driving the design and implementation of advanced CI/CD pipelines, cloud-native technologies, and automation frameworks to proactively shift security left and enable rapid, scalable cloud adoption across the enterprise.
• Oversee the evaluation and configuration of security controls using both native and third-party cloud services, setting standards for best practices and continuous improvement.
• Partner with application owners, architecture teams, and executive stakeholders to shape and lead the organization’s overall security strategy, including cloud infrastructure and DevSecOps initiatives.
• Define and enforce perimeter protections, risk mitigation strategies, and robust information system integrity at an enterprise level.
• Establish, optimize, and govern operational processes and procedures, ensuring the effectiveness and scalability of security policies throughout the organization.
• Provide senior-level escalation support and strategic guidance to the Cyber Security Operations Center and Threat Detection Teams, recommending and prioritizing changes, updates, and enhancements to cloud security posture.
• Lead cross-functional coordination with infrastructure, engineering, and application support teams to ensure seamless deployment of new policies and swift resolution of complex issues impacting tools and systems, minimizing business disruption.
• Collaborate closely with other Information Security teams to ensure compliance with security policies, procedures, standards, and baseline configurations, and drive alignment with industry best practices.
• Champion IT Security standards, reference architectures, and innovative solutions, influencing adoption across the organization.
• Demonstrate expert-level knowledge of malware, threats, vulnerabilities, and their implications for enterprise environments.
• Engage and communicate with senior stakeholders to anticipate needs, evaluate alternative solutions, and guide strategic technical direction.

Qualifications:

• 10+ years of progressive experience in IT Security, with proven leadership in cloud security architectures.
• 7+ years of experience as a Cloud Engineer, Technical Lead, or similar senior role.
• Bachelor's Degree or equivalent experience; advanced studies/degree preferred.
• Extensive hands-on experience designing and deploying cloud security solutions, including advanced API security implementations.
• Advanced proficiency in scripting languages (Python, PowerShell, etc.) for automation, tool development, and process optimization.
• Expertise in cloud platforms (AWS, Azure, GCP), cloud security best practices, and a wide range of related security tools.
• Expertise with API management platforms (e.g., MuleSoft, Apigee) and their integration into enterprise security frameworks.
• Deep knowledge of industry security regulations and frameworks (MITRE ATT&CK, NIST, CIS CSC), with experience implementing enterprise-wide compliance programs.
• Advanced understanding of change management processes, including leading change review boards and driving organizational adoption.
• Comprehensive knowledge of networking concepts (routing, DNS, common ports, protocols, firewalls) and their security implications.
• Demonstrated experience with large-scale AWS deployments and mastery of Infrastructure-as-Code (IaC) practices (CloudFormation, Terraform).
• Exceptional organizational skills, with a proven ability to lead complex projects, multitask, and operate autonomously in dynamic environments.
• Experience with Security Information and Event Management (SIEM) systems for enterprise log management and security monitoring.

Keys To Success In This Role:

• Proven ability to lead and inspire teams, driving collaboration and high performance while modeling best practices.
• Exceptional communication skills, with the ability to translate complex technical concepts for diverse audiences, including executive leadership.
• Strong project management capabilities, with a track record of successfully leading security projects, prioritizing initiatives, and delivering results.
• Demonstrated commitment to mentoring and developing team members, fostering a culture of excellence and continuous improvement at all levels.

Current Freddie Mac employees please apply through the internal career site.

We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

A safe and secure environment is critical to Freddie Mac’s business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs.

CA Applicants:  Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.

Time-type:Full timeFLSA Status:Exempt

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

This position has an annualized market-based salary range of $154,000 - $232,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.