Principal, ECS Cyber Risk - Durham - job 1197952

Fidelity Investments

Date: 09/12/2021

City: Durham, North Carolina

Employment type: Full-time

Job Description:

The Role

The Enterprise Cybersecurity Risk (ECS Cyber Risk) team is seeking an experienced Principal-level risk professional to lead the creation of cyber risk analyses pertaining to ECS. The ideal candidate will understand current and emerging cybersecurity risks and determine key risk scenarios for the ECS Tribes. This role will participate in Tribe risk / threat modeling sessions to prioritize top risks. Additionally, the role will advise on the risk levels of both exceptions and audit findings, to drive down the number of exceptions and accurately risk rate audit findings. The candidate will quantify cyber risk and present analyses at the squad level that will allow senior management to make informed decisions based on resulting risk data.

The Expertise and Skills You Bring

  • Minimum 3-5 years of risk experience quantifying cyber risk scenarios and presenting data in a meaningful and insightful way to senior leaders

  • Proven experience in cybersecurity risk management

  • Experience managing projects end-to-end, from initial stages of acquiring data from multiple sources and SMEs, to the tracking, maintenance, and closure of a project, with proven ability to integrate data into risk analysis tools and communicate progress optimally across multiple lines and levels

  • Advanced understanding of NIST 800-53 Cybersecurity Framework and FAIR

  • CISSP, CCSP, OpenFAIR certifications preferred

  • Effective communication and excellent presentation skills to senior leaders

  • Deep dive into metrics that will both (1) quantify the work being done and (2) quantify how cyber risk position has improved

  • Critical thinking skills to ask detailed questions and fully vet answers to uncover discrepancies and gaps others may not have found are a must

  • Work across business lines to influence change and help mitigate cyber risk

  • Intermediate understanding of risks pertaining to the following: cloud security, access controls, encryption, vendor security, data exfiltration, application security, perimeter security, customer protection, privileged access, denial of service, unpatched vulnerabilities, and end of life software

  • Operate in a fast-paced environment and complete analyses quickly and accurately, integrating new cybersecurity data into risk models as it emerges

  • Bring an investigator mindset to deep dive into metrics to understand and communicate actionable risk to squads

The Team

ECS Cyber Risk provides cybersecurity risk analyses pertaining to existing and emerging risk scenarios and communicates these risks to appropriate ECS Tribes and senior leadership. This team focuses on identifying, measuring, prioritizing, and reporting on cyber risk scenarios and will work both independently and across tribes to drive senior management to informed decisions and directions in strategy to either maintain the course or, if needed, change direction.


Company Overview

At Fidelity Investments, our customers are at the heart of everything we do. As a privately held company with a rich 75-year history, our mission has remained the same since our founding: to strengthen the financial well-being of our clients. We help people invest and plan for their future. We assist companies and non-profit organizations in delivering benefits to their employees. And we provide institutions and independent advisors with investment and technology solutions to help invest their own clients’ money.

Join Us

At Fidelity, you’ll find endless opportunities to build a meaningful career that positively impacts people’s lives, including yours. You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home. And you don’t need a finance background to succeed at Fidelity—we offer a range of opportunities for learning and growth so you can build the career you’ve always imagined. We welcome associates from different backgrounds and with different perspectives to help us innovate and make a difference for our customers and our communities.

We invite you to Find Your Fidelity at

Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation, contact the HR Leave of Absence/Accommodation Team by sending an email to accommodations, or by calling 800-835-5099, prompt 2, option 2.
