Title: Principal Technology Risk Analyst
Note: Fidelity will not provide immigration sponsorship for this position.
The Role
The Enterprise Technology Risk group is seeking a passionate, driven and experienced professional to contribute to the Technology Risk Program and Regulatory Assurance CoE team. This role is responsible for performing regulatory and program management responsibilities, including designing and maintaining technology controls to support program and regulatory requirements. This role will require networking and relationship management skills to collaborate with the Controls Testing team, and various business units and risk teams across the enterprise. You will be working on:
- Ensuring risk and control taxonomy aligns with enterprise standards
- Developing and monitoring technology controls for security and compliance
- Providing technical support and acting as liaison for technology risk management
- Managing control updates, annual mapping, and testing requirements
- Design, document, and maintain Risk and Control Matrices (RCMs/RACMs) across business and IT processes
- Continuously improve and standardize control documentation and governance practices
- Overseeing control certification process
- Partnering with Control Testing team to track progress and remediation
- Representing ETRA in enterprise control initiatives and special projects
- Supporting regulatory activities, risk assessments, and examinations
- Leading and supporting SOX 404 compliance, including control documentation
- Reviewing SOC reports, assessing CUECs, and communicating control gaps
The Team
The Technology Risk Program and Regulatory Assurance team is responsible for managing controls to support program requirements, monitoring the results of control testing to meet program requirements, and ensuring a consistent risk and control taxonomy is leveraged in accordance with enterprise best practices. Additionally, this team supports regulatory activities such as maintaining application, server, and database inventories by entity. Technology Risk is part of the broader Legal, Risk and Compliance group and partners with Corporate Audit, Enterprise Compliance, and Security to protect the interests of our customers, our employees, and Fidelity’s brand. You will also work closely with the Enterprise Technology Risk teams as well as Fidelity technology and business owners, and Operational Risk teams.
The Expertise and Skills You Bring
- 5 -7 years’ experience in information technology risk, controls, or audit roles
- Bachelor’s degree in computer science, technology, or a related field of study preferred
- Professional technology and associated risk certifications (CISSP, CISA, CRISC, CISM), Certified risk/fraud examiners (CRE, CFE), and/or Cloud Certification(s) (CCSP, CCSK, AWS) preferred
- Experience documenting controls for large scale financial service organizations (cloud, distributed, vendor solutions, mainframe, network environments, and AI)
- Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)
- Working knowledge of Cloud security and controls and cloud technology environments (AWS/Azure, SaaS, PaaS)
- You have a strong knowledge of information technology processes and controls, and a comprehensive understanding of risk, quality control and assurance functions
- Your love of solving complex problems, and comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills
- Your ability to build and maintain collaborative working relationships with Information Technology and Business personnel to design effective controls
- Your process orientation and understanding of operations and technology enabling you to provide support in the analysis, development, and monitoring of controls
- Knowledge of Industry standards, regulations, frameworks and best practices, such as NIST SP 800-53, COBIT, AICPA Trust Principles, ISO27001, SWIFT, HITRUST, and SOX404 is preferred
- ISO9001 and/or ISO27001 certification preferred, with responsibility to support and participate in ISO peer audit reviews.
- Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer is preferred
- Your excellent verbal and written communication skills enabling you to prepare and present recommendations to senior management
Note: Fidelity will not provide immigration sponsorship for this position.
Fidelity’s Onsite Working Model
Fidelity is transitioning to a full-time onsite working model through a phased rollout across regions and roles. Currently, some roles and locations require 100% onsite presence, while others require less. Onsite expectations are likely to evolve as the rollout continues. This transition does not apply to fully remote roles.
Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.
Skills Required
- 5-7 years experience in information technology risk, controls, or audit roles
- Bachelor's degree in computer science, technology, or related field
- Experience documenting controls for large-scale financial services environments (cloud, distributed, vendor solutions, mainframe, network, AI)
- Working knowledge of cloud security and controls and cloud environments (AWS, Azure, SaaS, PaaS)
- Professional certifications (CISSP, CISA, CRISC, CISM) or cloud certs (CCSP, CCSK, AWS)
- Knowledge of industry standards, regulations, frameworks (NIST SP 800-53, COBIT, AICPA Trust Principles, ISO27001, SWIFT, HITRUST, SOX404)
- ISO9001 and/or ISO27001 certification and participation in ISO peer audit reviews
- Familiarity with GRC tools (e.g., Archer)
- Strong verbal and written communication and ability to present recommendations to senior management
- Ability to build collaborative relationships with IT and business stakeholders and drive control design and monitoring
Fidelity Investments Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Fidelity Investments and has not been reviewed or approved by Fidelity Investments.
-
Strong & Reliable Incentives — Bonuses, commissions, and profit-sharing are presented as generous and meaningful components of total compensation, with certain roles achieving high total earnings through multiple pay streams. Variable pay is consistently framed as a positive contributor beyond base salary.
-
Retirement Support — A 401(k) match up to 7% alongside additional profit-sharing up to 10% materially enhances long-term compensation. These retirement features are highlighted as standout strengths of the overall package.
-
Parental & Family Support — Generous paid parental leave (16 weeks maternity, 12 weeks parental), backup dependent care, and adoption assistance provide robust family support. Hybrid work and caregiving resources further ease family responsibilities.
Fidelity Investments Insights
What We Do
At Fidelity, our goal is to make financial expertise broadly accessible and effective in helping people live the lives they want. We do this by focusing on a diverse set of customers: - from 23 million people investing their life savings, to 20,000 businesses managing their employee benefits to 10,000 advisors needing innovative technology to invest their clients’ money. We offer investment management, retirement planning, portfolio guidance, brokerage, and many other financial products. Privately held for nearly 70 years, we’ve always believed by providing investors with access to the information and expertise, we can help them achieve better results. That’s been our approach- innovative yet personal, compassionate yet responsible, grounded by a tireless work ethic—it is the heart of the Fidelity way.
.jpg)






