Jobs · Finance · New Hampshire

Principal Technology Risk Analyst - Program & Regulatory Assurance

Fidelity Investments · Merrimack, NH · 1 wk ago
On-siteFinanceFull-time

Responsibilities

  • Ensuring risk and control taxonomy aligns with enterprise standards
  • Developing and monitoring technology controls for security and compliance
  • Providing technical support and acting as liaison for technology risk management
  • Managing control updates, annual mapping, and testing requirements
  • Designing, documenting, and maintaining Risk and Control Matrices (RCMs/RACMs) across business and IT processes
  • Continuously improving and standardizing control documentation and governance practices
  • Overseeing control certification process
  • Partnering with Control Testing team to track progress and remediation
  • Representing ETRA in enterprise control initiatives and special projects
  • Supporting regulatory activities, risk assessments, and examinations
  • Leading and supporting SOX 404 compliance, including control documentation
  • Reviewing SOC reports, assessing CUECs, and communicating control gaps

Requirements

  • 5 - 7 years’ experience in information technology risk, controls, or audit roles
  • Bachelor’s degree in computer science, technology, or a related field of study preferred
  • Professional technology and associated risk certifications (CISSP, CISA, CRISC, CISM), Certified risk/fraud examiners (CRE, CFE), and/or Cloud Certification(s) (CCSP, CCSK, AWS) preferred
  • Experience documenting controls for large scale financial service organizations (cloud, distributed, vendor solutions, mainframe, network environments, and AI)
  • Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)
  • Working knowledge of Cloud security and controls and cloud technology environments (AWS/Azure, SaaS, PaaS)

Skills

  • A strong knowledge of information technology processes and controls, and a comprehensive understanding of risk, quality control and assurance functions
  • Able to solve complex problems, comfortable with ambiguous situations, and able to help mitigate risk using advanced analytical and critical thinking skills
  • Able to build and maintain collaborative working relationships with Information Technology and Business personnel to design effective controls
  • A process orientation and understanding of operations and technology enabling support in the analysis, development, and monitoring of controls
  • Knowledge of Industry standards, regulations, frameworks and best practices, such as NIST SP 800-53, COBIT, AICPA Trust Principles, ISO27001, SWIFT, HITRUST, and SOX404
  • Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer
  • Excellent verbal and written communication skills enabling preparation and presentation of recommendations to senior management

Similar jobs

Principal Technical Analyst

OracleDenver, CO· 1 wk ago
RemoteInformation Technology$35.63–$71.3/hrapply on eeho.fa.us2.oraclecloud.com