Build Your Career in Cybersecurity -
YOUR WAY

Position Overview:

​

The Cloud Security Posture Architect Technical Lead will collaborate the organizations security architecture team to validate the implementation of security controls within Lines of Business (LOB) systems and solutions. This role focuses on ensuring robust security measures across LOB projects and initiatives! This role will be directly involved in the validation of secure design of LOB applications and enterprise services in addition to the following:

​

Company Overview:

​

At Freddie Mac, you will do important work to build a better housing finance system and you’ll be part of a team helping to make homeownership and rental housing more accessible and affordable across the nation.

​

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others.

​

We are an equal opportunity employer and value diversity and inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by applicable law. We will ensure that individuals with differing abilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

• Work with the Project Team’s solution architects and technical team members to validate that security solution architectures are following the organization’s InfoSec policies, standards, non-functional requirements, reference architectures and patterns under the guidance of senior staff Domain Security Architects
• Identify security risks and provide recommendations, solutions, and options to best mitigate those risks
• Have advanced knowledge in cloud security services to evaluate security and compliance in a variety of cloud platforms
• Collect, interpret, evaluate, and validate business requirements, functions and processes associated with assigned projects
• Have a detailed understanding of industry standard Information Security control frameworks such as ISO 27001/27002, NIST, CIS and for cloud-specific control frameworks such as the Cloud Security Alliance (CSA) Cloud Control Matrix (CCM)

Required Qualifications:

​

• 8-10 years of information technology experience, preferably within the financial services and/or mortgage industry
• Advanced working knowledge of Azure Security Center, AWS CloudWatch and CloudTrail
• Cloud security (IaaS, PaaS, and SaaS) across multiple cloud platforms such as Azure, AWS, and Google.
• Demonstrate basic understanding the concepts and application of the following:
• Cloud Security Posture Management (CSPM)
• Cloud-Native Application Protection Platforms (CNAPP)
• Demonstrate basic understanding the concepts and application of the following architecture and design principles and practices:
• Network security and segmentation
• Mobile device security (smartphones, tablets, iPads, etc.), to include Bring Your Own Device (BYOD)
• Basic understanding of one or more of the following technologies:
• Next Generation Firewalls
• External Secure Web Gateways and CASBs
• Network and Host-based IDS/IPS
• Security Information and Event Management (SIEM)
• Identity and Access Management (IAM)
• ADFS and other federated technologies, including Active Directory, SAML, OAuth, OIDC, and SSO integrations.
• BA/BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience

​

Preferred Qualifications:

​

• AWS Certified Solutions Architect (Associate, Professional)
• AWS Certified Security – Specialty certification
• Google Professional Cloud Architect
• CISSP (+ ISSAP), CCSP
• CompTIA Security +, Associate of IC2
• SABSA (F1 & F2 minimum) are a plus

• Our Impact: This role ensures a robust and resilient operating environment that conforms to all regulatory, corporate and IT requirements! The Information Security Architect team aids in the validation of secure design in solutions and enterprise architecture. The extended coverage this position will provide is paramount to the success of Freddie Mac security architecture maturity.
• Your Impact: This role provides validation, oversight, consultation, advisory, controls design, compliance framework adherence and patterns documentation to the benefit of IT and the businesses.
• Keys to Success in this Role:
• A customer-focused demeanor
• Commit to execution
• Continuous improvement to work processes and documentation
• Experience within the Financial Services/Mortgage industries.
• Additional Notices:
• Current Freddie Mac employees please apply through the internal career site.
• Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.
• CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

​

Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site.

​

This position has an annualized market-based salary range of $150,000 - $224,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.

Time-type: Full time

​

FLSA Status: Exempt

Summary:

The Incident Response Analyst is a mid-level role that is responsible for monitoring the overall performance of Cosmʼs C360 product infrastructure, and systems, to ensure the reliability of our live video productions and broadcasts. This includes identifying and resolving high visibility incidents and escalations, contributing to the strategic planning to prevent incidents, and it also plays a pivotal role in shaping the overall operating framework.

​

Company Overview:

Cosm is a global technology company that brings experiences to life in immersive environments. We help our partners create spaces and content that blur the lines of real and virtual across three primary markets: Sports and Entertainment, Science and Education, and Parks and Attractions. Cosm was born from the fusion of some of the greatest innovators in the history of technology. Evans & Sutherland, Spitz, Inc., and Cosm Immersive combined forces to power the immersive experiences of the future as Cosm. Innovation is in our DNA.

• Independently monitor our C360 product infrastructure, systems and live video streams.
• Lead the diagnosis, prioritization, escalation, resolution and documentation of critical incidents.
• Act as a primary point of contact for high-level impact incidents and escalations.
• Collaborate with engineering to implement incident remediations and follow-up.
• Generate and deliver regular incident and operational reports to stakeholders.
• Coordinate upgrades, outages, and planned activities with cross-functional teams.
• Provide mentorship and guidance to less-tenured team members.
• Contribute to refining and enhancing Ops Center tools, processes, and procedures.
• Work closely with field services teams to gather feedback and improve reliability.
• Ability to work nights and weekends to support high-priority business events.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 5 years of experience in an Ops Center, incident management, or similar role.
• Proficiency in incident management tools and systems (e.g., Grafana, ServiceNow).
• Experience supporting infrastructures and configuring SaaS applications.
• Strong analytical, communication, and problem-solving skills.
• Ability to lead and work effectively in a team environment.
• Knowledge of ITIL or similar incident/service management frameworks.
• Demonstrated ability to manage high-pressure situations and multiple incidents.
• Previous experience in a 24/7 operations center.

Cosm is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Summary

​

Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast.

​

Job Summary

​

The Specialist, Security Operations Center (SOC), supports the monitoring and response to internal and external security events with potential impact on senior leadership, staff, business assets, reputation, and facilities. This role assists in conducting video patrols, monitoring security camera feeds, and investigating security alarms. The Specialist contributes to the analysis of security incidents and the monitoring of open-source media for security-related events. They provide support in executing security policies, maintaining physical security systems, and communicating significant matters to the management team. Exceptional communication and organizational skills are required to collaborate effectively with stakeholders.

• Assists in monitoring internal and external security events to identify potential threats and vulnerabilities.
• Supports video patrols, monitors security camera feeds, and participates in the investigation of security alarms.
• Contributes to the analysis of security incidents, reviewing findings, and identifying patterns or trends.
• Supports the monitoring of open-source media for security-related events and potential impacts.
• Provides timely and accurate information to support the protection of people, assets/intellectual property, and facilities.
• Follows security policies and procedures to ensure compliance and contribute to process improvement.
• Assists in the monitoring and maintenance of physical security systems.
• Documents and communicates relevant information to support decision-making processes.
• Supports training activities for new Specialists and third-party Security Operators.
• Assists in the development of standard operating procedures (SOPs) and training materials.
• Communicates effectively with peers, partners, customers, and employees.
• Participates in the continuous improvement of SOC processes and procedures.
• Maintains awareness of emerging threats, vulnerabilities, and industry best practices.

Required Qualifications

​

• Demonstrated ability to work in a dynamic environment and manage multiple tasks.
• Strong communication and interpersonal skills.
• Proficiency in computer skills (Word, Excel, PowerPoint, and Outlook).
• Basic knowledge of access control, video management, and intrusion detection systems.
• Familiarity with incident management processes.
• Analytical mindset with the ability to identify and escalate critical issues.
• Attention to detail and accuracy in work.
• Awareness of relevant regulations and compliance requirements.
• Interest in threat intelligence platforms and tools.
• Understanding of basic network security concepts and protocols.
• Familiarity with physical security systems.

​

Preferred Qualifications

​

• Certification or accreditation from a risk or security management program such as: Certified Protection Professional (CPP), Physical Security Professional (PSP), Certified Emergency Manager (CEM), Certified Business Continuity Professional (CBCP), Certified Information Systems Security Professional (CISSP), or CompTIA Security+ is a plus.
• Emergency Medical Responder (EMR) certification preferred.
• Security operations center, call center, or emergency dispatch center experience is a plus.

• Schedule: Monday-Friday 2pm-10pmShift Assignments are subject to change based off the needs of the business.

​

• Working Conditions:
• Position requires sitting, heavy phone usage, and screen exposure for extended periods of time.
• Must be flexible with schedules and willing to work holidays, nights, weekends, and overtime.
• Potentially high-stress environment with exposure to multiple aspects of emergency incidents.

​

• Comcast's Expectations:Employees at all levels are expected to:
• Understand our Operating Principles; make them the guidelines for how you do your job.
• Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
• Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
• Win as a team - make big things happen by working together and being open to new ideas.
• Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
• Drive results and growth.
• Respect and promote inclusion & diversity.
• Do what's right for each other, our customers, investors and our communities.

​

• Disclaimer:This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.