Sr. Cybersecurity Consultant

$76,000 - $144,000/Yr

Fidelity Investments - Boston, MA

posted 6 days ago

Full-time - Mid Level
Hybrid - Boston, MA
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

About the position

The Sr. Cybersecurity Consultant will be part of the Enterprise Cybersecurity (ECS) Regulatory & Audit team, focusing on managing cybersecurity risks through collaboration with ECS Product Areas and Fidelity Corporate Audit. This role involves supporting internal audits, identifying control gaps, and ensuring effective risk management throughout the audit process.

Responsibilities

  • Partner with ECS teams to identify ECS control gaps
  • Collaborate with Audit and ECS teams to confirm reported audit issues and perform FAIR quantitative risk assessments
  • Draft responses (Action Plans) to address valid audit observations in partnership with ECS Product Areas
  • Track ECS Product Areas' progress toward on-time completion of action plans
  • Identify opportunities to improve team processes to better support ECS Product Areas
  • Manage ECS Risk Acceptances
  • Maintain and leverage key metrics that support various reports and critical meetings
  • Gain in-depth understanding of ECS Product Areas' roadmaps and backlogs

Requirements

  • Bachelor's degree in technology, computer science, or engineering strongly preferred
  • 7+ years of experience in cybersecurity risk management, technology operations, system analysis, and/or project management
  • Demonstrated Risk Management and Mitigation experience
  • Strong Risk, Process, Cyber Threat Analysis, and Control Gap Assessment skills
  • Broad knowledge of cybersecurity threats and tactics
  • In-depth understanding of NIST Cybersecurity Framework standards and practices, COBIT 5
  • Knowledge of Operations & Technology, Information Risk Management, Software Development Life Cycle, and application security
  • Understanding of FAIR (Factor Analysis of Information Risk) cyber risk framework
  • Familiarity with ECS Policies, Standards, and Technical Implementation Guides (TIGs)
  • Familiarity with Archer GRC, Jira, and ServiceNow
  • Experience working as corporate/internal auditor or with corporate audit function
  • Strong communication skills (written, verbal, presentation) with technical expertise to influence others and drive outcomes
  • Highly motivated, self-directed, independent thinker with strong attention to detail

Nice-to-haves

  • CISSP (Certified Information Systems Security Professional) certification
  • CEH (Certified Ethical Hacker) certification
  • CISA (Certified Information Systems Auditor) certification

Benefits

  • Comprehensive health care coverage
  • Emotional well-being support
  • Market-leading retirement
  • Generous paid time off and parental leave
  • Charitable giving employee match program
  • Educational assistance including student loan repayment and tuition reimbursement
  • Learning resources to develop your career