Job Description

Job Description:

The Principal Technology Risk Analyst supports the Enterprise Technology Risk & Data Analytics (ETRA) program which ensures technology risks are proactively identified, reported, and monitored in support of Fidelity Brokerage Technology (FBT). Specific responsibilities include the identification and monitoring of controls, corporate audit engagement and oversight, ongoing compliance with existing and emerging regulatory requirements, supporting external audit activity (e.g., SOC 1) as needed, distributing ongoing technology risk reports, monitoring the FBT cloud migration strategy, and performing proactive IT Control Readiness assessments (ITGC). In addition, there will be opportunities to support ad hoc strategic projects and requests from our FI Operational Risk partners.

The individual in this role will be based in North Carolina, Merrimack or Smithfield and work with the Director, Technology Risk Management within the ETRA team. The individual will work closely with Enterprise Risk & Compliance teams, Enterprise Cybersecurity, BU Information Security Officers (ISOs), and Fidelity external auditors

The Expertise You Have

* Ability to represent complex programs to external auditors and regulators

* Demonstrated record of analyzing and/or supporting complex risk programs

* Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, production support, cybersecurity, access management, network and cloud, resiliency, etc.)

* Bachelors Degree in Computer Science, Technology, Finance, or a related field of study

* 8+ years in Risk, Compliance, Information Security, Information Technology, Controls or Audit roles

* Professional technology risk certification or interest in pursuing (CISSP, CISA, CRISC, CISM)

The Purpose of Your Role

* Risk Management. Support BU risk management functions, as required, to include control testing, management reporting, and dedicated risk support

* SOC 1 / External Audit Support. Assist in the support of the annual SOC 1 and other external audits by identifying new applications that could become materially relevant for the audit, performing proactive IT General Control (ITGC) assessments, managing exceptions, assist as needed

* Control Readiness. Perform IT General Control readiness assessments

* Control Monitoring. Establish ongoing cadence to measure and report on the effectiveness of controls

The Skills You Bring

* Demonstrated risk management knowledge and experience, including risk assessment and control evaluation

* Strong problem-solving and critical thinking abilities

* Outstanding written and oral communication skills

* Excellent relationship building and influence skills

The Value You Deliver

* Conducting readiness reviews over large information technology development projects ensuring appropriate systems development lifecycle methodologies are being applied and followed

* Enabling our business partners to meet their external audit and regulatory requirements

* Providing advice, mentorship and IT risk program management



Certifications:



Company Overview

At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences. For information about working at Fidelity, visit FidelityCareers.com.

Fidelity Investments is an equal opportunity employer.

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to complete the application or interview process. Please email us at accommodations@fmr.com or 800-835-5099, prompt 2, option 2 if you would like to request an accommodation.