Principal, Cybersecurity Risk, Jersey City, NJ

Principal, Cybersecurity Risk

Published: May 06

ID: 2127845

Hybrid

Experience Level

Senior Manager

Job Description:

Note: Fidelity will not provide immigration sponsorship for this position

The Role

The Enterprise Cybersecurity Risk (ECS Cyber Risk) team is seeking an experienced Principal-level risk professional to lead in the creation of cyber risk analysis pertaining to ECS. The candidate will understand current and emerging cybersecurity risks and determine key risk scenarios for the ECS Product Areas. The candidate will participate in risk / threat modeling sessions to prioritize top risks. The candidate will advise on both exceptions and audit finding risk levels to drive down the number of exceptions and accurately risk rate audit findings. The candidate will quantify cyber risk and present analyses at the technical and executive level that will allow senior management to make informed decisions based on resulting risk data.

The Expertise and Skills You Bring

Minimum 3-5 years of risk experience quantifying cyber risk scenarios and presenting data in a meaningful and insightful way to senior leaders.
Demonstrated experience in cybersecurity risk management, assessment frameworks, and metrics reporting.
Experience managing projects end-to-end, from initial stages of acquiring data from multiple sources and subject matter experts to the tracking, maintenance, and closure of a project, with proven ability to integrate data into risk analysis tools and communicate progress effectively across multiple lines and levels.
Use and understanding of governance, risk, and compliance tools.
Advanced understanding of NIST 800-53 Cybersecurity Framework, Cybersecurity Risk Institute (CRI), and FAIR
CRISC, CISSP, or CISM certifications are preferred.
You have effective communication and excellent presentation skills to senior leaders.
You can deep dive into metrics that will both (1) quantify the work being done and (2) quantify how cyber risk position has improved.
Critical thinking skills to ask detailed questions and fully vet answers to uncover discrepancies and gaps others may not have found is a must.
You can work across business lines to influence change and help mitigate cyber risk.
You have an intermediate understanding of risks pertaining to the following: cloud security, access controls, encryption, vendor security, data exfiltration, application security, perimeter security, customer protection, privileged access, denial of service, unpatched vulnerabilities, and end of life software.
You operate in a fast-paced environment and can complete analyses quickly and accurately integrating new cybersecurity data into risk models as it emerges.
You bring an investigator mindset to deep dive into metrics to understand and communicate actionable risk to business and technology groups.
Determining the appropriate controls for cybersecurity risks
Working with asset inventory and asset management
Evaluating multiple sources, reports, industry trends to compare risk related findings to existing ECS policies and uncover gaps and opportunities for process improvement.
Determining what, who, and where changes are warranted to close gaps, working with appropriate contacts to draft policy enhancement ensuring continued progress.

The Team

ECS Cyber Risk provides cybersecurity risk analyses pertaining to existing and emerging risk scenarios and communicates these risks to appropriate ECS technical teams and senior leadership. This team focuses on identifying, measuring, prioritizing, and reporting on cyber risk scenarios and will work both independently and across business units and technology teams to assist senior management with informed decisions and directions in strategy to either maintain the course or if needed, change direction.

The base salary range for this position is $107,000-216,000 USD per year.

Placement in the range will vary based on job responsibilities and scope, geographic location, candidate’s relevant experience, and other factors.

Base salary is only part of the total compensation package. Depending on the position and eligibility requirements, the offer package may also include bonus or other variable compensation.

We offer a wide range of benefits to meet your evolving needs and help you live your best life at work and at home. These benefits include comprehensive health care coverage and emotional well-being support, market-leading retirement, generous paid time off and parental leave, charitable giving employee match program, and educational assistance including student loan repayment, tuition reimbursement, and learning resources to develop your career. Note, the application window closes when the position is filled or unposted.

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

Certifications:

Category:

Information Technology

Company overview

Company overview

At Fidelity, we are passionate about making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experience.

Reasonable accommodations

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation contact the HR Accommodation Team by sending an email to [email protected], or by calling 800-835-5099, prompt 2, option 3.

Equal opportunity employer

Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop, and retain a diverse workforce is to build an enduring culture of inclusion and belonging.

Applicant screening

At Fidelity, we value honesty, integrity, and the safety of our associates and customers within a heavily regulated industry. Certain roles may require candidates to go through a preliminary credit check during the screening process. Candidates who are presented with a Fidelity offer will need to go through a background investigation and may be asked to provide additional documentation as requested. This investigation includes but is not limited to a criminal, civil litigations and regulatory review, employment, education, and credit review (role dependent). These investigations will account for 7 years or more of history, depending on the role. Where permitted by federal or state law, Fidelity will also conduct a pre-employment drug screen, which will review for the following substances: Amphetamines, THC (marijuana), cocaine, opiates, phencyclidine.

AI Guidelines

Learn about our guidelines for use of AI when applying for a Fidelity job

Similar Jobs

Job Description:

Certifications:

Category:

Apply

Benefits that balance life and work

Company overview

Similar Jobs

Job Description:

Certifications:

Category:

Apply

Benefits that balance life and work

Company overview

Similar Jobs

Director, Fraud Risk Oversight

Prime Brokerage Risk Manager

Manager, Fraud Risk Oversight

Not finding the right fit?