Talent.com
Principal Technology Risk Analyst

Principal Technology Risk Analyst

Fidelity InvestmentsBoston, MA, United States
26 days ago
Job type
  • Full-time
Job description

Job Description :

Enterprise Technology Risk & Analytics (ETRA) is seeking a passionate, driven, and experienced technology professional to join our team.

The Role

The individual in this role will be based in Merrimack, Boston, Smithfield, or Westlake and report to the Director of Technology Risk for Advanced Process Solutions (APS), Customer Contact Center (EC3) and Enterprise Infrastructure & Operations (EI&O), within ETRA. The individual will work closely with our business units, Internal Audit, Risk, Information Security Officers (ISOs), and Fidelity external auditors and regulators.

You will work closely with various ETRA Centers of Excellence (COEs), perform proactive risk and control assessments, monitor technology controls, document and oversee remediation plans, participate in corporate audits, and provide External Audit support. You will be responsible for monitoring and escalating business impacting incidents to ETRA and LRC senior leaders and develop / maintain associated reporting.

This is also a great opportunity to work closely with the BU Technology teams on emerging technologies supporting modernization efforts.

The Expertise You Have

  • 5-8 years of experience in information technology risk management, audit and / or compliance, or cybersecurity with significant experience in information technology controls review; experience in financial services audit organization preferred
  • BA / BS, preferably in technology or related field of study
  • Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cybersecurity, access management, resiliency, data loss prevention (DLP), network, cloud, etc.)
  • Experience performing technology risk assessments, control assessments or IT Audits
  • Ability to represent complex programs to external auditors and regulators
  • Experience or knowledge of cloud-based deployments, DevOps, and associated risk / controls and auditing requirements preferred
  • Expertise and hands-on experience in ITSM processes, at an enterprise level
  • Professional technology risk certifications or interest in pursuing (CISSP, CISA, CRISC, CISM) preferred

The Skills You Bring

  • You have a strong knowledge of information technology processes and controls and a comprehensive understanding of risk, quality control and assurance functions.
  • Your ability to build and maintain collaborative working relationships with Information Technology and Business personnel
  • Your love of solving complex problems, comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills
  • Your process orientation and understanding of operations and technology enabling you to provide support in the analysis, development, and monitoring of controls
  • Your ability to manage multiple projects concurrently and to work under pressure to meet tight timeline commitments
  • Experience performing risk assessments, control assessments, IT audits or implementing technology controls for large scale financial service organizations (mainframe, distributed, network and cloud environments)
  • Knowledge of industry standards, frameworks, and best practices, such as NIST, SOC1, SOC2, ISO27001, ISO27701, ISO22301
  • Your skillset and hands-on experience with ITSM processes and oversight
  • Your excellent verbal and written communication skills enabling you to prepare and present recommendations to business partners and senior management
  • Advanced computer literacy with word processing, spreadsheet, process flow and presentation applications
  • Your comfort with data analytics and ability to consume and distribute data
  • Knowledge of governance, risk, and compliance (GRC) tools, such as Archer is preferred
  • Understanding of application development, deployment and management patterns, especially DevOps and CI / CD practices is preferred
  • The Value You Deliver

  • Ability to act as a leader on the team, who is comfortable sharing your thoughts and POV to senior management
  • Desire to continuously learn and stay up to date on an ever-changing technology landscape.
  • Assessing the various information technology risks that the business units face in their operations and implementing action plans, policy and procedural changes for risk avoidance and mitigation
  • Conducting in depth information technology risk assessments, which include documenting controls, identifying potential gaps or inconsistencies, creating detailed process flows, and making sound recommendations for improvement and / or mitigation
  • Conducting readiness reviews and IT General Control reviews for large information technology development projects ensuring appropriate systems development lifecycle methodologies are being applied and necessary controls are in place
  • Identifying / designing appropriate KPIs / KRIs for IT risk monitoring
  • Understanding and consulting on information security standards and industry best practices
  • Ensuring associates are trained and knowledgeable about information technology controls
  • Reviewing third party vendors and contracts to ensure appropriate controls are in place and function effectively
  • Tracking action plans to ensure findings are remediated appropriately, and in a timely manner
  • Liaison with Internal and External audit teams, tracking internal and external audit findings, perform issues follow-up, consulting and action plans with owners and issue resolution.
  • Providing risk perspective for technology incidents, track risk findings related to incidents, and serve as a liaison for technology risk management
  • Evaluating control maturity by performing control design and operating effectiveness reviews and peer reviewing as needed
  • The Team

    The Technology Risk team oversees the management of controls, and the mitigation of risk related to our technology infrastructure and processes, focusing on protecting the interests of our clients, customers, employees, and company. Our team's focus is technology risk the for EI&O Business unit.

    Note : Fidelity is not providing immigration sponsorship for this position

    Certifications : Category : Information Technology

    Most roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles.

    Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and / or associating with individuals with certain Criminal Histories.

    Create a job alert for this search

    Risk Analyst • Boston, MA, United States

    Related jobs
    Junior Risk Analyst

    Junior Risk Analyst

    Harvard Partners Trusted IT AdvisorsBoston, Massachusetts, United States
    Full-time
    Quick Apply
    As the Junior Risk Analyst you will assist in the daily administration of insurance, surety, claims (excluding workers' compensation) and risk management activities. This includes but is not limited...Show moreLast updated: 16 days ago
    • Promoted
    Principal Business Analyst (P3) •ONSITE •

    Principal Business Analyst (P3) •ONSITE •

    RaytheonTewksbury, MA, US
    Full-time
    Principal Business Analyst (P3) For LtAMDS LRIP Program.At Raytheon, the foundation of everything we do is rooted in our values and a higher calling to help our nation and allies defend freedoms a...Show moreLast updated: 30+ days ago
    • Promoted
    Technology and Cybersecurity Risk Governance, Managing Director

    Technology and Cybersecurity Risk Governance, Managing Director

    State StreetQuincy, MA, US
    Full-time
    Technology and Cyber Risk Governance Leader.It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization.ETRM is responsible for th...Show moreLast updated: 7 days ago
    • Promoted
    State Licensed Risk Management Analyst

    State Licensed Risk Management Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Senior Risk Management Analyst - BD / RIA.Key Responsibilities Identify and resolve key risk factors while developing and implementing mitigation methodologies Develop m...Show moreLast updated: 10 days ago
    Cybersecurity Lead

    Cybersecurity Lead

    CenturiaHanscom Afb, Massachusetts, United States, 01731
    Full-time
    Job Title : Wing Cyberspace Lead.Location : Hanscom Air Force Base.Centuria, a Service-Disabled Veteran-Owned Small Business (SDVOSB), has been delivering IT, Engineering, and Scientific solutions to...Show moreLast updated: 1 day ago
    • Promoted
    IT PMO Analyst

    IT PMO Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for an IT Project Management Office (PMO) Analyst to provide data analysis and governance support for IT projects. Key Responsibilities Analyze project documentation and data ...Show moreLast updated: 1 day ago
    • Promoted
    Senior Principal Systems Engineer - I&T Lead Onsite

    Senior Principal Systems Engineer - I&T Lead Onsite

    RaytheonAndover, Massachusetts, United States of America
    Full-time
    MA600 : Andover, MA 366 Lowell St 366 Lowell Street , Andover, MA, 01810-5423 USA.Person, or Immigration Status Requirements : . At Raytheon, the foundation of everything we do is rooted in our values...Show moreLast updated: 3 days ago
    • Promoted
    Global Head of Investment Research and Risk Technology, MD

    Global Head of Investment Research and Risk Technology, MD

    State StreetBoston, MA, US
    Full-time
    Global Head Of Investment Research And Risk Technology.State Street Investment Management ("State Street IM", formerly State Street Global Advisors or SSGA) is seeking a seasoned senior leader to o...Show moreLast updated: 26 days ago
    • Promoted
    Senior Cryptographic Public Key Infrastructure (PKI) Manager (Remote Eligible)

    Senior Cryptographic Public Key Infrastructure (PKI) Manager (Remote Eligible)

    Capital OneBoston, MA, United States
    Remote
    Full-time +1
    Senior Cryptographic Public Key Infrastructure (PKI) Manager (Remote Eligible).Capital One is seeking a Cyber Senior Manager to help deliver game-changing cybersecurity solutions based on threat, d...Show moreLast updated: 30+ days ago
    • Promoted
    Fraud Prevention Analyst

    Fraud Prevention Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Senior Associate, Fraud Prevention Analyst.Key Responsibilities Conduct thorough investigations and analyses of financial transactions to detect and prevent fraudulent ...Show moreLast updated: 30+ days ago
    • Promoted
    Principal Specialist, Project Management - Risk & Opportunity

    Principal Specialist, Project Management - Risk & Opportunity

    RaytheonTewksbury, MA, US
    Full-time
    Principal Specialist, Project Management - Risk & Opportunity.Land and Air Defense Systems (LADS) is seeking a Principal Specialist, Project Management - Risk & Opportunity to join their Product Su...Show moreLast updated: 2 days ago
    • Promoted
    Manager - Data Risk, Analytics, and Automation

    Manager - Data Risk, Analytics, and Automation

    RSM US LLPBoston, MA, United States
    Full-time
    We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their ful...Show moreLast updated: 3 days ago
    • Promoted
    Principal Threat Intelligence Engineer

    Principal Threat Intelligence Engineer

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Principal Threat Intelligence Engineer.Key Responsibilities Oversee the entire Threat Intelligence Lifecycle including requirements, collection, processing, analysis, d...Show moreLast updated: 2 days ago
    • Promoted
    Principal Specialist, Project Management - Risk & Opportunity

    Principal Specialist, Project Management - Risk & Opportunity

    Clearance JobsTewksbury, MA, US
    Full-time
    Principal Specialist, Project Management - Risk & Opportunity.At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend fre...Show moreLast updated: 1 day ago
    • Promoted
    BSA Analyst

    BSA Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Bank Secrecy Act Analyst to ensure compliance with AML, CFT, and OFAC regulations.Key Responsibilities Investigates alerts from transaction monitoring systems and prepa...Show moreLast updated: 1 day ago
    • Promoted
    Senior HRIS Analyst

    Senior HRIS Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Senior HRIS Analyst.Key Responsibilities Support the iCIMS platform and lead the Workday recruiting implementation Manage project timelines, coordinate meetings, and o...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Vice President of Global Partnerships & Alliances

    Vice President of Global Partnerships & Alliances

    ConfidentialBoston, MA, United States
    Full-time
    Vice President of Global Partnerships & Alliances.A leading cybersecurity firm specializing in user behavior intelligence and data protection. We are looking for a dynamic and experienced Vice Presi...Show moreLast updated: 19 hours ago
    • Promoted
    Treasury Risk Analyst

    Treasury Risk Analyst

    VirtualVocationsLowell, Massachusetts, United States
    Full-time
    A company is looking for a Treasury Risk Oversight Expert.Key Responsibilities Act as the subject matter expert on market risk, conducting assessments and challenge reviews Provide leadership an...Show moreLast updated: 3 days ago
    • Promoted
    Lead Security & Risk Analyst (Hybrid)

    Lead Security & Risk Analyst (Hybrid)

    American Family Insurance Agency StaffBoston, MA, United States
    Full-time
    This position supports enterprise-wide digital risk and compliance initiatives, including policy governance, regulatory consultation, and assessment coordination, with a primary focus on leading th...Show moreLast updated: 3 days ago
    • Promoted
    Mid-Level SOC Analyst

    Mid-Level SOC Analyst

    VirtualVocationsDorchester, Massachusetts, United States
    Full-time
    A company is looking for a Mid-Level SOC Analyst.Key Responsibilities Monitor security events and produce high-quality analysis Identify opportunities to enhance detection content and processes ...Show moreLast updated: 9 days ago