Job Description:
Position Description:
Documents and communicates risk findings, while building data drive dashboards and trend reports to support leadership decision-making, using NIST, SOC, and COSO frameworks for governance, risk management, and compliance. Supports enterprise risk management by partnering with technology domains to assess the effectiveness of controls, implements automated monitoring and data analysis solutions to identify emerging risks, and informs proactive mitigation strategies. Identifies, assesses, and quantifies risks via data analytics, using MS Excel, SQL, Python, PowerBI and Tableau, and technical assessments (penetration testing, risk assessments, audits and vendor security assessments), enabling teams to proactively self-identify and remediate issues. Analyzes Key Performance Indicators (KPIs) to assess technology performance and optimize delivery models to improve scalability and operational efficiency. Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure, and to meet emergency data processing needs.
Primary Responsibilities:
- Collaborates across cross-functional teams to break down complex solutions, drive consensus, and align enterprise-wide strategies.
- Monitors and reports security compliance on computing platforms including end user devices, critical enterprise APIs, server, and database systems to strengthen their protection against computer virus and other cyberattacks.
- Conducts risk assessments and tests data processing systems to ensure the operational integrity and security measures.
- Enables audit readiness and risk alignment by guiding technical teams through internal audits and risk assessments, to ensure control effectiveness and audit-ready documentation.
- Builds risk monitoring solutions to detect emerging risk patterns, track control performance, and provide actionable insights for continuous improvement.
- Collaborates with architects and engineering leads to define scalable, secure, and resilient controls across business units, embedding risk awareness into delivery practices.
- Support strategic risk initiatives by communicating complex technical issues to leadership, fostering trust and a strong risk control culture.
- Support operating model optimization by analyzing performance and risk metrics to identify inefficiencies and recommend improvements aligned with strategic goals.
Education and Experience:
Bachelor’s degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.
Or, alternatively, Master’s degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.
Skills and Knowledge:
Candidate must also possess:
- Demonstrated Expertise (“DE”) performing cybersecurity technology audit and risk analysis of applications within Cloud infrastructure environments (AWS and Azure services), using DivvyCloud, CloudDiscovery, Datadog, Snowflake, and SecureTrak; and performing cybersecurity assessments -- including system hardening, identity management, and data protection of server platforms (Linux, Unix, and Windows), databases (SQL, NoSQL, and Cloud-native), Mainframe TSS Z/OS, and IBM MQs -- using Microsoft Defender, Unix Shell scripting, Powershell Scripting, Splunk, and JSonar.
- DE planning and executing data-driven risk identification and mitigation engagements for large-scale digital platforms, using Splunk Logging, PowerShell scripting, Python Scripting, MS Excel, PowerBI for data analytics and visualization, and AWS Cloudtrail.
- DE evaluating end-to-end security of platforms and Continuous Integration and Continuous Delivery (CI/CD) pipelines (including penetration testing), using GitHub, Jenkins, CyberArk, HashiCorp Vault, and Artifactory.
Salary: $129,600.00 - $137,000.00/year.
#PE1M2
#LI-DNI
Certifications:
Category:
Information TechnologyMost roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles. Some roles may have unique onsite requirements. Please consult with your recruiter for the specific expectations for this position.
Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.
Apply
All fields are required.
Benefits that balance life and work
From our fully paid parent leave to our on-site health and wellness centers, our benefits support the belief that more balance you have, the better you can achieve your goals.
Company overview
Company overview
At Fidelity, we are passionate about making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experience.
Reasonable accommodations
Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation contact the HR Accommodation Team by sending an email to accommodations@fmr.com, or by calling 800-835-5099, prompt 2, option 3.
Equal opportunity employer
Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop, and retain a diverse workforce is to build an enduring culture of inclusion and belonging.
Hybrid work schedule
Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite all business days of every other week in a Fidelity office.
Applicant screening
At Fidelity, we value honesty, integrity, and the safety of our associates and customers within a heavily regulated industry. Certain roles may require candidates to go through a preliminary credit check during the screening process. Candidates who are presented with a Fidelity offer will need to go through a background investigation and may be asked to provide additional documentation as requested. This investigation includes but is not limited to a criminal, civil litigations and regulatory review, employment, education, and credit review (role dependent). These investigations will account for 7 years or more of history, depending on the role. Where permitted by federal or state law, Fidelity will also conduct a pre-employment drug screen, which will review for the following substances: Amphetamines, THC (marijuana), cocaine, opiates, phencyclidine.