Non-Financial Risk Programs Lead - Technology and Operations Risk Management - Director

Playing an essential role in the U.S. economy, Fannie Mae is foundational to housing finance. Here, your expertise can help fuel purpose-driven innovation that expands access to homeownership and affordable rental housing across the country. Join Fannie Mae to grow your career and help people find a place to call home. Job Description We are seeking an accomplished and strategic leader to serve as the lead of Non-Financial Risk Programs (First Line Risk), responsible for executing, leading, and scaling core risk programs across the first line of defense. This role owns the end-to-end execution and continuous improvement of enterprise non-financial risk programs leveraging AI—including Risk & Control Self-Assessments (RCSA), Issue Management, Operational Risk Events, and Target State / Control Maturity Assessments. You will play a critical role in strengthening risk discipline, transparency, and accountability across the business, ensuring risk is proactively identified, measured, managed, and embedded into day-to-day operations across Technology and Operations in alignment with enterprise risk standards and regulatory expectations. Position is based out of Plano, TX. Fannie Mae does provide the opportunity for relocation assistance. The Impact You Will Make As a First Line Risk Lead for Non-Financial Risk (NFR) programs—specifically focused on Risk and Control Self-Assessment (RCSA), Issue Management, and Risk Events—you will serve as a critical link between day-to-day business activities and the enterprise risk framework. This role ensures risks are identified, mitigated, and reported in alignment with risk appetite, internal policies, standards, and regulatory requirements, strengthening risk discipline, transparency, and outcomes across critical technology and operations domains. Key Responsibilities • Lead end-to-end execution and ownership of the Risk and Control Self-Assessment (RCSA) program, including bi-annual or annual risk assessments, inherent and residual risk ratings, control documentation, walkthroughs, and evaluation of control design and operating effectiveness. • Oversee issue management and remediation activities, including identification, documentation, and tracking of control gaps, audit findings, and regulatory issues, ensuring timely closure supported by appropriate evidence and executive reporting. • Manage the identification, reporting, and analysis of non-financial risk events (incidents), including accurate classification, root cause analysis, and actions to prevent recurrence. • Integrate RCSA data with other non-financial risk programs (e.g., compliance, business continuity, IT security) to deliver a comprehensive and consolidated view of the risk profile. • Serve as a trusted advisor and subject-matter expert to senior leaders, process owners, and staff by providing guidance, training, and oversight to strengthen risk management practices and reinforce a strong risk culture across the business. Qualifications • 10-15 years of experience in operational risk management, non-financial risk, internal controls, or audit within financial services. • Demonstrated experience leading first line risk programs. • Deep understanding of RCSA methodologies, control design and assessment, issue management, and root cause analysis. • Proficiency with GRC platforms and analytics tools, including AI-enabled solutions and Business Intelligence tools such as Alteryx. • Strong stakeholder partnership, executive communication, and influence skills. Shows curiosity and adaptability in learning and responsibly applying new technologies, including artificial intelligence, to reimagine how we work. Preferred Qualifications: Advanced degree preferred. • Experience implementing or scaling technology-enabled governance, risk, and control solutions across complex organizations Qualifications Artificial Intelligence (AI), Artificial Intelligence (AI), Authentication Management, Business Process Management Skills, Collaborating Cross-Functionally, Communicating in Technical Writing, Communication, Compliance Requirements, Conflict Resolution, Coordination, Data Analysis, Data Analysis Interpretation, Data Mining, Data Visualization, Documentation Reporting, Governance and Compliance Skills, Impact and Risk Assessment, Improving Operations, Influencing Skills, Internal Control Design, Internal Control Evaluation, Key Risk Indicators Development, Leadership, Operational Risks, Process Design and Implementation {+ 19 more} Education: Bachelor's Level Degree (Required), Master's Level Degree The future is what you make it to be. Discover compelling opportunities at Fanniemae.com/careers. For most roles, employees are expected to work onsite on a regular basis at their designated office location. In-office work cadence is determined by your manager. Proximity within a reasonable commute to your designated office location is preferred unless the job is noted as open to remote. Fannie Mae is an equal opportunity emp