Principal Technology Risk Analyst

Job Description:

The Role

Do you want to join a team focused on Fidelity’s Cryptocurrency, Blockchain and Decentralized Finance programs and initiatives?  The Technology Risk team for Enterprise Services (ES) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team!  You will help enhance and manage the core program activities, this includes refining and executing the technology risk strategy and program, and working with Technology, Operations, Legal Risk and Compliance teams to holistically manage technology risk of crypto initiatives across the Firm. 

The Expertise We’re Looking For

• Experience with cryptocurrency, blockchain technology, smart contracts, NFTs
• 6-8+ years’ experience in information technology risk, cyber security, controls or audit roles
• Bachelor’s Degree in Computer Science, Technology, or a related field of study preferred
• Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)
• Professional technology risk certifications (CISSP, CISA, CRISC, CISM) and/or Cloud Certification(s) (CCSP, CCSK, AWS) preferred

The Purpose of Your Role

In this position you will act as a consultant and provide expertise in crypto and blockchain information technology controls design, effectiveness, management and monitoring for new and existing Crypto and Blockchain initiatives across the firm.

The Skills You Bring

• Your curiosity and desire to support innovative business units in understanding and managing the risk of emerging technologies in the cryptocurrency, blockchain, and decentralized finance spaces.
• Your ability to research and quickly get up to speed on new initiative and technologies, see ways to apply existing processes and controls to new situations and mitigate new types of technology risk
• Your willingness to assess and manage technology risks in areas of the firm that are on the cutting edge, supporting the newest product developments and outside of the box activities with a dynamic can do attitude.
• Your love of solving complex problems, and comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills
• Your strong knowledge of information technology processes and controls and a comprehensive understanding of risk and quality control and assurance functions
• Your advanced analytical and critical thinking skills
• Your excellent verbal and written communication skills enabling candidate to prepare and present recommendations to senior management
• Your ability to manage multiple projects concurrently and to work under pressure to meet tight time commitments
• Your ability to build and maintain collaborative working relationships with Information Technology and Business personnel to design and assist in the execution of appropriate controls design and monitoring
• Your ability to influence information technology leaders in the effective review and management of controls to mitigate risk in an emerging technology area

The Value You Deliver

• Supporting the establishment of an IT Risk Strategy and Framework specific to the Crypto and Blockchain space, with a focus on business impacts
• Providing advice, guidance, and IT risk program management
• Assessing the various information technology risks that the business faces in its operations and implement action plans, policy and procedural changes for risk avoidance and mitigation
• Conducting in depth information technology risk assessments including identifying and documenting controls, creating detailed process flows, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation  
• Determining appropriate KPIs/KRIs for IT risk monitoring
• Understanding and consulting on information security standards and industry best practices
• Ensuring that DI Associates are trained and knowledgeable about information technology controls
• Reviewing third party vendors and contracts to ensure appropriate controls are in place and functioning effectively
• Answering questions from internal and external Audit on information technology controls
• Tracking action steps and ensure that findings are remediated appropriately and in a timely manner
• Conducting readiness reviews over large information technology development projects ensuring strong risk management

Note: Fidelity is not providing immigration sponsorship for this position.

Placement in the range will vary based on job responsibilities and scope, geographic location, candidate’s relevant experience, and other factors.

Base salary is only part of the total compensation package. Depending on the position and eligibility requirements, the offer package may also include bonus or other variable compensation.   

We offer a wide range of benefits to meet your evolving needs and help you live your best life at work and at home.  These benefits include comprehensive health care coverage and emotional well-being support, market-leading retirement, generous paid time off and parental leave, charitable giving employee match program, and educational assistance including student loan repayment, tuition reimbursement, and learning resources to develop your career.  Note, the application window closes when the position is filled or unposted.

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office.

Certifications:

Category: