Director, Cybersecurity - 2059872

Company: Fidelity Investments
Location: Merrimack, NH
Posted on: August 12, 2022

Job Description:

Creates security profiles to protect financial platforms, applications, and data. Analyzes corporate security policies and controls, Information Technology (IT) development practices, and technology posture to drive adoption and implementation of Cybersecurity control programs. Identifies, measures, and reduces cyber security risks. Draws on in-depth knowledge of the business or function to provide business unit-wide Cybersecurity solutions. Researches and recommends new technologies in support of the strategic direction of the business unit. Researches and recommends appropriate models, methods, tools, and technologies to achieve business-unit-wide solutions.

Primary Responsibilities:

Protects critical financial data and infrastructure and mitigates risk across critical business and infrastructure applications.

Defines implementation approaches, and evaluates alternative solutions that align with strategic goals while reducing friction with business unit deployments.

Plans and leads cybersecurity control implementation adoption efforts.

Oversees cross-divisional or company Cybersecurity initiatives.

Provides leadership, technical supervision, and expertise to multiple teams in broad technical areas on complex organization-wide projects.

Plans and leads organization-wide Cybersecurity initiatives.

Provides business unit requirements to program teams for maximum effectiveness.

Consults on the development and delivery of major Cybersecurity initiatives for the business unit.

Recommends and influences organization wide policies regarding security controls and processes.

Reviews and advises on departmental technical policies and procedures.

Supports IT Risk functions on regulatory, client, or other examinations, audits or controls assessments.

Regularly provides guidance, training, and coaching to other team members for performance and career development.

Stays current on business trends, technological developments, threats, vulnerabilities, and risk management strategies.

Works with business teams to establish, design, and implement appropriate solutions accordingly.

Supports and represents operational and organizational priorities as needed, in various forums.

Works with technology product and development delivery teams to analyze and improve the risk posture of critical application infrastructure.

Creates requirements for secure technology implementations and process improvements.

Engages product teams, and tracks and facilitates application security implementations to comply with new technology policies and enterprise initiatives.

Reviews vendor and open software for implementation and Cybersecurity risks.

Plans, implements, upgrades, or monitors security measures for the protection of computer networks and information.

Education and Experience:

Bachelors degree (or foreign education equivalent) in Computer Science, Engineering, Information Technology, Computer Information Systems, Mathematics, Physics, or a closely related field and six (6) years of experience in the job offered or six (6) years of experience improving the cybersecurity posture of end-to-end technology implementations -- evaluating development practices, business applications, and infrastructure -- within a financial services environment.

Or, alternatively, Masters degree (or foreign education equivalent) in Computer Science, Engineering, Information Technology, Computer Information Systems, Mathematics, Physics, or a closely related field and four (4) years of experience in the job offered or four (4) years of experience improving the cybersecurity posture of end-to-end technology implementations -- evaluating development practices, business applications, and infrastructure -- within a financial services environment.

Skills and Knowledge:

Candidate must also possess:

Demonstrated Expertise (DE) conducting technology assessments of application and infrastructure vulnerabilities for current and emerging technologies used to develop, deploy, and support Asset Management (AM) business applications and infrastructure systems; and analyzing AM business priorities and providing technical direction to business unit technology and Enterprise Cybersecurity program leaders to ensure the business operates securely within Amazon Web Services (AWS) Cloud and traditional on-premise environments.

DE identifying, measuring, and reporting systemic cross-enterprise technology vulnerabilities and security mechanisms -- authentication and authorization techniques including, OAuth, elevated access management, Azure Active Directory, access management tools, data protection, and encryption -- of business-sensitive non-public information; providing enterprise security guidance and consulting for technology solutions and controls; and supporting operational and technology risk functions -- vendor and recordkeeping risks, and regulatory examination, internal and external audit, and control assessments.

DE planning and leading cybersecurity initiatives -- trading crypto-fund systems and approved vendors by engaging with business product and development delivery teams and analyzing their DevOps practices to ensure compliance with cybersecurity policies and programs, including increasing cybersecurity product adoption -- to improve the risk posture of business unit critical application and system infrastructure.

DE conducting incident security investigations -- designing incident classifications for network security breaches -- according to incident threat classifications; and monitoring Key Performance Indicators (KPIs) to ensure they meet month-on-month AM cybersecurity deadlines.

For full job details and to apply, please visit https://wd1.myworkdaysite.com/en-US/recruiting/fmr/FidelityCareers and search for job number: 2059872.

Keywords: Fidelity Investments, Boston , Director, Cybersecurity - 2059872, Finance , Merrimack, NH, Massachusetts