





Job Description:
The Role
The Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate and driven professional to assist with coordination of regulatory operations and ETRA strategy and reporting activities. This role will require strong relationship and networking skills to collaborate with various teams including Enterprise Cybersecurity, Corporate Audit, Corporate Risk, Compliance, Vendor Management, Ethics Office and Enterprise Business Resiliency.
Primary Responsibilities
Facilitates Top-Down Risk Assessments by entity and tracks application, database and server inventory by entity to meet regulatory requirements.
Provides exam & client inquiry support.
Tracks Internal Audit, SII, and PROE action plan progress, and coordinates/tracks Information Technology General Control (ITGC) assessment statuses.
Completes quarterly KPI Reporting and coordinates monthly CIO Reporting.
Supports the ETRA Brunch & Learn Series, Newsletter, etc.
Performs all processing related to the NPH Program.
Formulates/publishes/tracks annual Risk Mindset Training.
Facilitates the tri-annual certification process for the Controls CoE.
The Expertise and Skills You Bring
4-6 years' experience in information technology risk, cyber security, controls or audit roles
Experience in regulatory controls is a plus
Bachelor's degree in computer science, technology, or a related field of study preferred
Professional technology and associated risk certifications a plus (CISSP, CISA, CRISC, CISM)
Experience performing technology risk assessments, or IT Audits
You have a strong knowledge of information technology processes and controls and a comprehensive understanding of risk, quality control and assurance functions.
Your love of solving complex problems, your comfort with ambiguous situations, and your ability to help devise innovative ways to mitigate risk using your advanced analytical and critical thinking skills
Your ability to build and maintain collaborative working relationships with business partners
Your process orientation and understanding of operations and technology enabling you to provide support in the analysis, development and monitoring of controls
Knowledge of industry standards, frameworks and best practices, such as NIST SP 800-53, COBIT, AICPA Trust Principles, ISO 27001 and HITRUST, is preferred
Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer
Your excellent verbal and written communication skills enabling you to prepare and present recommendations to business partners
The Value You Deliver
Conducting in-depth information technology risk assessments including documenting controls, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation.
Assessing the various information technology risks that the business faces in its operations and implementing action plans, policy and procedural changes for risk avoidance and mitigation.
Monitoring and reporting on quarterly KPIs/KRIs for ETRA.
Understanding and consulting on information security standards and industry best practices as they relate to regulated entities.
Liaising with Internal and External audit teams, tracking internal and external audit findings, and performing issue follow-up, consulting on action plans with owners, and issue resolution.
Fidelity's hybrid working model blends the best of both onsite and offsite work experiences. Having the majority of our associates work onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most roles listed as Hybrid will require associates to work onsite all business days of every other week in a Fidelity office. This does not apply to roles listed as Remote or Onsite.
Category:
Information Technology