Technology Risk Analyst / Sr. Risk Analyst
Boston, MA

Job Description

Technology Risk Analyst / Sr. Risk Analyst

You will help manage the core Technology Risk Program for a business unit or specialize in a Center of Excellence (COE) supporting the BU Tech Risk teams. This includes defining and executing the technology strategy, representing the BU in IT governance forums, and working with operations risk teams to holistically manage risk. In both the BU Tech Risk and COE roles, you will be performing proactive risk and control assessments, monitoring technology controls, documenting and overseeing remediation plans, consulting on technology control readiness, and engaging with internal/external audit.

The Team

You will report to either a BU Technology Risk Lead or a Center of Excellence (COE) Lead. The Technology Risk team oversees the management of controls and the mitigation of risk related to the technology environment, systems, and processes. Technology Risk is part of the broader Fidelity Risk Group and partners with Corporate Audit, Enterprise Compliance, and Security to protect the interests of our customers, our employees, and Fidelity's brand. You will also work closely with Fidelity technology and business owners, Business Unit (BU) Compliance teams, Enterprise Cybersecurity (ECS), BU Information Security Officers (ISOs), and Fidelity external auditors and regulators.

The Expertise You Have

* 3-7 years' experience in information technology, risk, cyber security, controls or audit roles
* Bachelor's Degree in Computer Science, Technology, Finance, or a related field of study preferred
* Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)
* Professional technology risk certification desired but not required (CISSP, CISA, CRISC, CISM)
* Demonstrated expertise in IT risk assessment methodologies, e.g., Factor Analysis of Information Risk (FAIR), and risk quantification is preferred for the Risk Assessment COE role

The Skills You Bring

* You have a strong knowledge of information technology processes and controls and a comprehensive understanding of risk, quality control and assurance functions.
* Your love of solving complex problems, and comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills
* Your process orientation and understanding of operations and technology enabling you to provide support in the analysis, development and monitoring of controls
* Your excellent verbal and written communication skills enabling you to prepare and present recommendations to senior management
* Your ability to build and maintain collaborative working relationships with Information Technology and Business personnel to design and assist in the execution of appropriate controls design and monitoring

The Value You Deliver

* Assessing the various information technology risks that the business faces in its operations and implement action plans, policy and procedural changes for risk avoidance and mitigation
* Evaluating control maturity by performing control design and operating effectiveness reviews and peer reviewing as needed.
* Conducting in depth information technology risk assessments including documenting controls, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation.
* Provide technical assistance on risk related systems issues, and serve as a liaison for technology risk management
* Determining appropriate KPIs/KRIs for IT risk monitoring
* Understanding and consulting on information security standards and industry best practices
* Answering questions from internal and external Audit on information technology controls
* Tracking action steps and ensure that findings are remediated appropriately and in a timely manner

Company Overview

At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences. For information about working at Fidelity, visit Fidelitycareers.com

Fidelity Investments is an equal opportunity employer.