Common Securitization Solutions

Welcome page

IT Risk Management Principal- Cyber

Job Locations US-Remote
Job ID
2025-2343
# of Openings
1
Category
Risk Management
Type
Regular Full-Time

OVERVIEW

 

The Company

 

U.S. Financial Technology (U.S. FinTech) is seeking an experienced IT Risk Management Principal-Cyber to join our team of talented professionals. This is a full-time remote opportunity. 

 

U.S. FinTech built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

 

Supporting 70% of the mortgage-backed securities in the market, U.S. FinTech provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

 

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES

 

Job Information

The Enterprise Risk Management division is seeking an Enterprise Risk Management Principal- Cyber Security with experience in Cyber Security risk management. This role will report to the Director of IT Risk Management. The Principal will have demonstrated experience and related credentials/certifications to evidence subject matter expertise level of knowledge and management of technology and information security risks, to provide effective review and challenge to help identify existing and emerging risks, and subsequent risk mitigation strategies, to ensure compliance with the organization’s policies, programs, standards, and related regulatory requirements.  


Key Job Functions

  • Serve as a senior Information security and cyber risk advisor in the 2nd line of defense overseeing and challenging the cyber and tech risk management practices of 1st line. 
  • Independently assess and monitor the company’s cybersecurity posture, including governance, security and technology roadmaps, architecture, monitoring, attack surface management, incident response, threat intelligence, cloud security, identity and access management. 
  • Evaluate the design and effectiveness of cybersecurity controls and resilience, and credible challenge identified risks, Issues and their remediation, Risk Acceptances, monitoring and reporting.
  • Drive continuous improvement in cyber and technology risk management maturity across the enterprise 
  • Responsible for ensuring completion of comprehensive risk assessments, documentation, risk mitigation guidance, and related reporting for key enterprise initiatives across various platforms/environments (i.e., Cloud, etc.), including efforts including external partners and/or clients.  
  • Ensuring thorough review/credible challenge of identified risks, issue mitigation/remediation, monitoring, and reporting. 
  • Be a thought leader seeking to maximize opportunities within regulations to create a high- performing balance sheet. 
  • Responsible for risk assessment and guidance regarding the enterprise Change Management process, SLOD risk assessment reviews, guidance, and related decisioning. 
  • Monitor and report on information security emerging and key risks impacting and/or potentially impacting the enterprise and new defense capabilities and tools, from a SLOD perspective. Provide senior management and related committees with SLOD Information Security risk perspective and/or profile updates on a periodic basis. 

QUALIFICATIONS

 

Education   

  • At a minimum, a bachelor's degree from an accredited 4-year college or university 

 

Minimum Experience  

 

  • Minimum of 10 years of experience in information security risk management
  • Active participation/engagement in information security, and risk management conferences, webinars, and related activities, to ensure awareness and competency regarding information security threat landscapes, effective risk management practices/standards, and risk management tools/solutions, is expected. 
  • Has certification(s) relative to technology platforms, network standards, and environments, information security, data management, and/or risk management disciplines. 
    • Basic Certifications: Information Security related such as CISSP, CCSP, CISA 
    • Additional Preferred Certifications:  AWS Certified Solutions Architect, AWS Certified Security - Specialty 
  • Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. U.S. FinTech does not offer H-1B sponsorship for this position.

 

Specialized Knowledge & Skills     

  

  • Deep understanding of cybersecurity risk domains including cloud security (AWS), web and network protocols, identity and access management, end point protection, firewalls, intrusion detection and protection, security architecture, incident management and vulnerability and threat management.
  • Familiarity with major frameworks and regulations like NIST 800-53, SOC, CIS controls etc.
  • Experience performing control design assessments, issue assurance and validation.
  • Strong analytical and critical thinking skills, with the ability to challenge constructively and influence senior stakeholders
  • Progressive experience leading technology risk, information security enterprise/operational risk management and cross-functional teams and managing projects.
  • Hands-on, independent, and accountable management style.
  • Strong leadership, written and verbal communication skills with the capability of managing multiple concurrent responsibilities/tasks.
  • Demonstrated analytical skills and experience working in and/or with Information Security and related teams.
  • Demonstrated ability to work in a fast-paced, complex, and dynamic environment with cross-functional teams, take ownership of deliverables, and drive assigned tasks to completion, timely.
  • Demonstrated knowledge and experience in project management practices, Agile development concepts, and software and security development lifecycles.
  • Knowledgeable in the usage and functionality of Microsoft Office Products, specifically: Outlook – Advanced User; Word – Advanced User; Excel – Moderate User; Visio and PowerBI – Moderate User, etc.  

Pay Range $181,250 to $208,500

U.S. FinTech's pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. U.S. FinTech offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.

 

Employment

As a condition of employment with U.S. Financial Technology, any successful job applicant will be required to  successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.   

     

U.S. Financial Technology is an Equal Opportunity Employer.

 

##LI-Remote

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.