Director, Cybersecurity - 2059872
Company: Fidelity Investments
Location: Merrimack, NH
Posted on: August 12, 2022
Job Description:
Creates security profiles to protect financial platforms,
applications, and data. Analyzes corporate security policies and
controls, Information Technology (IT) development practices, and
technology posture to drive adoption and implementation of
Cybersecurity control programs. Identifies, measures, and reduces
cyber security risks. Draws on in-depth knowledge of the business
or function to provide business unit-wide Cybersecurity solutions.
Researches and recommends new technologies in support of the
strategic direction of the business unit. Researches and recommends
appropriate models, methods, tools, and technologies to achieve
business-unit-wide solutions. Primary Responsibilities: Protects critical financial data and infrastructure and
mitigates risk across critical business and infrastructure
applications. Defines implementation approaches, and evaluates alternative
solutions that align with strategic goals while reducing friction
with business unit deployments. Plans and leads cybersecurity control implementation adoption
efforts. Oversees cross-divisional or company Cybersecurity
initiatives. Provides leadership, technical supervision, and expertise to
multiple teams in broad technical areas on complex
organization-wide projects. Plans and leads organization-wide Cybersecurity initiatives. Provides business unit requirements to program teams for maximum
effectiveness. Consults on the development and delivery of major Cybersecurity
initiatives for the business unit. Recommends and influences organization wide policies regarding
security controls and processes. Reviews and advises on departmental technical policies and
procedures. Supports IT Risk functions on regulatory, client, or other
examinations, audits or controls assessments. Regularly provides guidance, training, and coaching to other
team members for performance and career development. Stays current on business trends, technological developments,
threats, vulnerabilities, and risk management strategies. Works with business teams to establish, design, and implement
appropriate solutions accordingly. Supports and represents operational and organizational
priorities as needed, in various forums. Works with technology product and development delivery teams to
analyze and improve the risk posture of critical application
infrastructure. Creates requirements for secure technology implementations and
process improvements. Engages product teams, and tracks and facilitates application
security implementations to comply with new technology policies and
enterprise initiatives. Reviews vendor and open software for implementation and
Cybersecurity risks. Plans, implements, upgrades, or monitors security measures for
the protection of computer networks and information. Education and Experience: Bachelors degree (or foreign education equivalent) in Computer
Science, Engineering, Information Technology, Computer Information
Systems, Mathematics, Physics, or a closely related field and six
(6) years of experience in the job offered or six (6) years of
experience improving the cybersecurity posture of end-to-end
technology implementations -- evaluating development practices,
business applications, and infrastructure -- within a financial
services environment. Or, alternatively, Masters degree (or foreign education
equivalent) in Computer Science, Engineering, Information
Technology, Computer Information Systems, Mathematics, Physics, or
a closely related field and four (4) years of experience in the job
offered or four (4) years of experience improving the cybersecurity
posture of end-to-end technology implementations -- evaluating
development practices, business applications, and infrastructure --
within a financial services environment. Skills and Knowledge: Candidate must also possess: Demonstrated Expertise (DE) conducting technology assessments of
application and infrastructure vulnerabilities for current and
emerging technologies used to develop, deploy, and support Asset
Management (AM) business applications and infrastructure systems;
and analyzing AM business priorities and providing technical
direction to business unit technology and Enterprise Cybersecurity
program leaders to ensure the business operates securely within
Amazon Web Services (AWS) Cloud and traditional on-premise
environments. DE identifying, measuring, and reporting systemic
cross-enterprise technology vulnerabilities and security mechanisms
-- authentication and authorization techniques including, OAuth,
elevated access management, Azure Active Directory, access
management tools, data protection, and encryption -- of
business-sensitive non-public information; providing enterprise
security guidance and consulting for technology solutions and
controls; and supporting operational and technology risk functions
-- vendor and recordkeeping risks, and regulatory examination,
internal and external audit, and control assessments. DE planning and leading cybersecurity initiatives -- trading
crypto-fund systems and approved vendors by engaging with business
product and development delivery teams and analyzing their DevOps
practices to ensure compliance with cybersecurity policies and
programs, including increasing cybersecurity product adoption -- to
improve the risk posture of business unit critical application and
system infrastructure. DE conducting incident security investigations -- designing
incident classifications for network security breaches -- according
to incident threat classifications; and monitoring Key Performance
Indicators (KPIs) to ensure they meet month-on-month AM
cybersecurity deadlines. For full job details and to apply, please visit
https://wd1.myworkdaysite.com/en-US/recruiting/fmr/FidelityCareers
and search for job number: 2059872.
Keywords: Fidelity Investments, Boston , Director, Cybersecurity - 2059872, Finance , Merrimack, NH, Massachusetts