Skip to main content

Cybersecurity Consultant (Internal Audit Facilitator)

  • Hybrid
  • Boston, Massachusetts
Apply Now
Share
Tech (2)

Description

Cybersecurity Consultant (Internal Audit Facilitator)

Fidelity TalentSource is your destination for discovering your next temporary role at Fidelity Investments! We are currently sourcing for a Sr. Cybersecurity Consultant (Regulatory & Audit) to work in Fidelity’s Enterprise Cybersecurity division in Boston, MA!

The Team

The Enterprise Cybersecurity (ECS) Regulatory & Audit team helps ECS and corporate partners manage firm-wide cybersecurity risk by providing key support services. As part of Cyber Regulatory & Audit, the ECS Internal Audit Engagement (IAE) team supports 25-30 internal audits annually. IAE seeks to reduce cyber risk through improved engagement and partnership with ECS Product Areas and Audit to ensure alignment, transparency, and efficiency throughout pre-audit, active audit, and post-audit efforts.

The Role

The ECS Internal Audit Engagement (IAE) team is seeking a hard-working and expert cybersecurity risk professional to support and partner with ECS Product Areas and Fidelity Corporate Audit. The role requires steadfast collaboration throughout the three phases of audit engagement: pre-audit (roadmap alignment, pre-audit control risk gap assessments, trend/theme analysis), active audit (risk quantification, drafting action plans, facilitating risk acceptances), and post-audit (action plan closure, reporting and metrics).

The Expertise and Skills You Bring

  • Proven Risk Management and Mitigation experience
  • Strong Risk, Process, Cyber Threat Analysis, and Control Gap Assessment skill
  • Broad knowledge of cybersecurity threats and tactics
  • Understanding of NIST Cybersecurity Framework standards and practices, COBIT 5
  • Knowledge of Operations & Technology (identity & access management; physical/personnel security; security ops assessments), Information Risk Management (vendor risk management; cloud computer security; data management), Software Development Process and application security.
  • Understanding of FAIR (Factor Analysis of Information Risk) cyber risk framework
  • Familiarity with Archer GRC, Jira, and ServiceNow

General Business Skills

  • Experience working as corporate/internal auditor or working with corporate audit function
  • Analyst mentality to deep dive into audit findings to understand and communicate risks and appropriate responses
  • Highly motivated, self-directed, independent problem solver with attention to detail.

Responsibilities

  • Partner with internal teams to identify ECS control gaps
  • Partner with Audit and ECS teams to confirm reported audit issues and perform FAIR quantitative risk assessments
  • Drafting responses (Action Plans) to address valid audit observations
  • Manage ECS Product Areas progress toward timely completion of action plans
  • Find opportunities to improve team processes to better support ECS Product Areas
  • Manage ECS Risk Acceptances
  • Maintain and make use of metrics that support various reports and critical meetings
  • Partner w/ ECS Product Areas to gain in-depth understanding of roadmaps, backlogs, etc.

Education and Experience

  • Bachelor’s degree (or equivalent experience) in technology, computer science, or engineering strongly preferred
  • 5+ years’ experience in cybersecurity risk management, technology operations, system analysis, and/or project management
  • Certification a plus: CISSP (Information Systems Security Professional), CEH (Certified Ethical Hacker), CISA (Certified Information Systems Auditor)

Dynamic Working

At Fidelity TalentSource, our goal is for most people to work flexibly in a way that balances both personal and business needs with time onsite and offsite through what we call “Dynamic Working.” Most associates will have a hybrid schedule with a requirement to work onsite at a Fidelity location for at least one week, 5 consecutive days, every four weeks. These requirements are subject to change.

a person wearing glasses and a striped shirt

Why choose Fidelity TalentSource?

Fidelity TalentSource

Fidelity TalentSource, is the in-house temporary staffing provider for Fidelity Investments. Unlike traditional staffing agencies, we are an internal business unit within Fidelity's Talent Acquisition team, dedicated to recruiting talent from various backgrounds for roles in Fidelity's regional and investor centre locations. Our mission is to help you experience Fidelity's diverse and inclusive workplace while expanding your skill set and professional network, with the ultimate goal of conversion to full-time employment as part of Fidelity's long-term strategy. For information about working at Fidelity TalentSource, visit FTSJobs.com. Fidelity TalentSource is an equal opportunity employer. Fidelity TalentSource will reasonable accommodate applicants with disabilities who need adjustments to complete the application or interview process.

Company overview

At Fidelity, we are passionate about making our financial expertise broadly accessible and effective in helping people live the lives they want! We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences.

Sign up for job alerts

Sign up for job alerts to recieve alerts for jobs matching your current search criteria.

Sign Up