Senior Cyber Technology Risk Analyst

Senior Cyber Technology Risk Analyst – Fidelity Investments

Join to apply for the Senior Cyber Technology Risk Analyst role at Fidelity Investments. This position is part of the Enterprise Technology Risk & Analytics (ETRA) group and focuses on developing next‑generation technology risk capabilities.

• Partner with the various enterprise cybersecurity (ECS) functions to execute second line of defense risk activities such as performing risk assessments, evaluating applicability to external audit, testing controls, and supporting the design and implementation of new controls to mitigate emerging risks.
• Collaborate with ECS teams including Application & Infrastructure Security, Workforce & Identity Management, External & Vendor Defense, Threat Detection and Response, Data Protection & Analytics, Information Security Office, and Fraud Intelligence Unit.
• Build and maintain collaborative working relationships with information technology and business personnel to design and assist in the execution of appropriate controls design and monitoring.
• Provide support in the analysis, development and monitoring of controls, and present recommendations to senior management.

• 4‑6 years’ relevant work experience in information technology risk, cybersecurity, controls or audit roles.
• Experience in fraud risk frameworks is a plus.
• Bachelor’s Degree in Computer Science, Technology, or a related field of study preferred.
• Professional technology and risk certifications (CISSP, CISA, CRISC, CISM), risk/fraud examiners (CRE, CFE), and/or Cloud certifications (CCSP, CCSK, AWS) preferred.
• Experience performing technology risk assessments, control assessments or IT audits, or implementing cybersecurity controls for large-scale financial service organizations (cloud, distributed, vendor solutions, mainframe, and network environments).
• Demonstrated technical abilities in multiple areas (technology infrastructure and application controls, cybersecurity, access management, network and cloud, resiliency, etc.).
• Working knowledge of cloud security and controls and cloud technology environments (AWS/Azure, SaaS, PaaS).
• Strong knowledge of information technology processes and controls and a comprehensive understanding of risk, quality control and assurance functions.
• Excellent verbal and written communication skills, with the ability to prepare and present recommendations to senior management.
• Knowledge of industry standards, frameworks and best practices, such as NIST SP 800‑53, COBIT, AICPA Trust Principles, ISO
  27001, HITRUST is preferred.
• Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer or Open Pages is preferred.

Note:

Fidelity is not providing immigration sponsorship for this position.