Senior Technical Analyst - Information Security

Job Description

About the opportunityDepartment DescriptionThe Global Cyber & Information Security (GCIS) department is a part of the Global Technology & Digital department. The Technology and Digital team provide services that underpin every area of the global Fidelity business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, and marketing, and customer service functions. The broader organization incorporates Infrastructure services that the firm relies on to operate on a day-to-day basis including data centers, networks, proximity services, security, voice, incident management, and remediation.The Global Cyber & Information Security (GCIS) function operates enterprise security services and controls that are designed to mitigate Cyber and Information Security risks, enabling the business to operate securely. Technical Cybersecurity teams monitor the internal and external threat environment, respond to security alerts and events in close to real-time, and provide security assurance and access management services across the enterprise technology and business environment. Information Security Officers are aligned to business channels and Fidelity regions as appropriate, to ensure the Fidelity Information Security standards are embedded and risks are managed.Team & Role DescriptionThe Information Security function at Fidelity International is part of the Global Cyber & Information Security (GCIS) group, reporting to the Head of Global Cyber & Information Security. The function includes the Information Security Office and Information Security Management. The Information Security function works with business partners and channels to balance their strategies with reducing risk to the organization, supporting those partners to manage data risk within the firm s risk appetite.The Information Security function acts as the business engagement point, providing a bridge between business, technology, and Cybersecurity. The Information Security function takes in business requirements, but also delivers back key control requirements and supports the business in achieving the required control targets and behaviors.Role: The Information Security Technical Senior Analyst is primarily responsible for supporting the Information Security function in managing the information security risk effectively within Fidelity. As the role is business-facing, it requires great communication skills and an ability to understand policies, risk, controls, and governance within compliance, operations, or audit; and advising colleagues on the best practice.Key ResponsibilitiesWork with the Information Security Officers on different security projects that address identified risks and business security requirements.Provide advice and guidance to internal customers, technical groups, and projects on matters of Information Security and risks. Ensure any material security risks to the business are communicated in a timely and effective manner and line with the security policies and control requirements.Contribute to the definition, development, and oversight of a global information security governance, risk, and compliance framework.Supporting the development and evaluation of Information Security policies, controls, standards, process requirements, and guidance.Incorporate innovative process improvements that add value provide the framework to produce metrics that can be used to assist current and future management decisions.Facilitating and drafting the policies for formal agreement in consultation with stakeholders to identify the structure and coverage of Information Security Policies & Standards.Support and maintain oversight to ensure all Information Security Policies, Standards, Procedures, and Guidelines comply with the applicable regulatory requirements and chosen industry standards.Work with IT and business personnel to provide education and ensure awareness and alignment of ongoing ISMS compliance obligationsTo work closely with colleagues in India, UK, Continental Europe, and Asia to plan and deliver security programsExperience and QualificationsMust have

• 4 years experience in Information Security in a large organization, preferably Financial Services.
• Detailed working experience of information security policies, standards, controls, and frameworks
• Experience of working in an ISO 27001 accredited organization
• Good understanding of various information security standards like NIST, CIS Top 20, ISO 27001, Cloud Security Alliance CCM, COBIT, etc
• Knowledge of cloud technologies and cloud security is desired; familiarity with public cloud technologies such as Amazon Web Services (AWS) or Microsoft Azure is desirable.
• General understanding of IT security principles relating to maintaining a secure environment by using various technologies including networking products, VPN, access control, firewalls, intrusion detection systems, and application security methodologies.
• Well versed in Risk Management principle including 3 lines of defense
• Ability to plan, organize, coordinate and work well under pressure without supervision
• This role requires liaison with senior people both within the organization and externally. The candidate will be required to be professional, confident, confidential, and discreet
• An eye for detail with the ability to produce accurate, well-structured reports according to deadlines
• Innovative and team worker
• Excellent PC skills, especially office 365.
• Fluent in English

Desirable qualifications

• Related graduate degree
• Security certifications including CISSP, CISM or CISA

Certified ISO 27001 lead implementer or auditorAbout youAbout Fidelity InternationalFidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 countries and with $739.9 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $567 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more.As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond. Data as at 31 March 2021. Read more at https://www.fidelityinternational.com/Applying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.,

Keyskills :
information security governancejavasecurity riskbankingweb servicescentral bankssqlit securitylinuxinformation security standardsaccess controlenvironmentcloud securityamazon web servicesiso 27001