Apply on Employer Site

Fidelity Investments · 7 hours ago

Senior Cyber Technology Risk Analyst

Merrimack, NH

Full-time

Hybrid

Mid, Senior Level

4+ years exp

Fidelity Investments is seeking a passionate, driven, and experienced professional to join their Enterprise Cybersecurity Risk team. The role focuses on developing Next-Gen capabilities in Technology Risk by executing risk assessments, testing controls, and supporting the implementation of new controls to mitigate emerging risks.

Asset ManagementFinanceFinancial ServicesRetirementWealth Management

Growth Opportunities

No H1B

Responsibilities

Partnering with the various enterprise cybersecurity (ECS) functions to execute second line of defense risk activities such as performing risk assessments, evaluating applicability to external audit, testing controls, and supporting the design and implementation of new controls to mitigate emerging risks

Collaborate with the various ECS teams including Application & Infrastructure Security, Workforce & Identity Management, External & Vendor Defense, Threat Detection and Response, Data Protection & Analytics, Information Security Office, and Fraud Intelligence Unit

Qualification

Cybersecurity risk assessmentsTechnology risk frameworksProfessional certificationsCloud security knowledgeGovernanceRiskCompliance toolsAnalytical skillsRelationship managementProcess orientationCommunication skills

Required

4-6 years' relevant work experience in information technology risk, cyber security, controls or audit roles

Experience performing Technology risk assessments, Control assessments or IT Audits or implementing Cybersecurity controls for large scale financial service organizations (cloud, distributed, vendor solutions, mainframe, and network environments)

Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)

Working knowledge of Cloud security and controls and cloud technology environments (AWS/Azure, SaaS, PaaS)

You have a strong knowledge of information technology processes and controls and a comprehensive understanding of risk, quality control and assurance functions

Your love of solving complex problems, and comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills

Your ability to build and maintain collaborative working relationships with Information Technology and Business personnel to design and assist in the execution of appropriate controls design and monitoring

Your process orientation and understanding of operations and technology enabling you to provide support in the analysis, development and monitoring of controls

Your excellent verbal and written communication skills enabling you to prepare and present recommendations to senior management

Preferred

Experience in fraud risk frameworks a plus

Bachelor's Degree in Computer Science, Technology, or a related field of study preferred

Professional technology and associated risk certifications (CISSP, CISA, CRISC, CISM), Certified risk/fraud examiners (CRE, CFE), and/or Cloud Certification(s) (CCSP, CCSK, AWS) preferred

Knowledge of Industry standards, frameworks and best practices, such as NIST SP 800-53, COBIT, AICPA Trust Principles, ISO27001, HITRUST is preferred

Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer or Open Pages is preferred