Fidelity Investments

Principal Technology Risk Analyst

Posted 14 Days Ago

Be an Early Applicant

Boston, MA, USA

In-Office

130K-137K Annually

Senior level

Fintech

The Role

Lead technology risk identification and mitigation by performing audits, penetration testing, and technical risk assessments across cloud and on-prem platforms. Build automated monitoring, dashboards, and analytics (SQL/Python/PowerBI/Tableau) to report KPIs, track controls, enable audit readiness, and partner with engineering to embed secure, scalable controls and improve operational efficiency.

Summary Generated by Built In

Job Description:

Position Description:

Documents and communicates risk findings, while building data drive dashboards and trend reports to support leadership decision-making, using NIST, SOC, and COSO frameworks for governance, risk management, and compliance. Supports enterprise risk management by partnering with technology domains to assess the effectiveness of controls, implements automated monitoring and data analysis solutions to identify emerging risks, and informs proactive mitigation strategies. Identifies, assesses, and quantifies risks via data analytics, using MS Excel, SQL, Python, PowerBI and Tableau, and technical assessments (penetration testing, risk assessments, audits and vendor security assessments), enabling teams to proactively self-identify and remediate issues. Analyzes Key Performance Indicators (KPIs) to assess technology performance and optimize delivery models to improve scalability and operational efficiency. Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure, and to meet emergency data processing needs.

Primary Responsibilities:

Collaborates across cross-functional teams to break down complex solutions, drive consensus, and align enterprise-wide strategies.
Monitors and reports security compliance on computing platforms including end user devices, critical enterprise APIs, server, and database systems to strengthen their protection against computer virus and other cyberattacks.
Conducts risk assessments and tests data processing systems to ensure the operational integrity and security measures.
Enables audit readiness and risk alignment by guiding technical teams through internal audits and risk assessments, to ensure control effectiveness and audit-ready documentation.
Builds risk monitoring solutions to detect emerging risk patterns, track control performance, and provide actionable insights for continuous improvement.
Collaborates with architects and engineering leads to define scalable, secure, and resilient controls across business units, embedding risk awareness into delivery practices.
Support strategic risk initiatives by communicating complex technical issues to leadership, fostering trust and a strong risk control culture.
Support operating model optimization by analyzing performance and risk metrics to identify inefficiencies and recommend improvements aligned with strategic goals.

Education and Experience:

Bachelor’s degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.

Or, alternatively, Master’s degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.

Skills and Knowledge:

Candidate must also possess:

Demonstrated Expertise (“DE”) performing cybersecurity technology audit and risk analysis of applications within Cloud infrastructure environments (AWS and Azure services), using DivvyCloud, CloudDiscovery, Datadog, Snowflake, and SecureTrak; and performing cybersecurity assessments -- including system hardening, identity management, and data protection of server platforms (Linux, Unix, and Windows), databases (SQL, NoSQL, and Cloud-native), Mainframe TSS Z/OS, and IBM MQs -- using Microsoft Defender, Unix Shell scripting, Powershell Scripting, Splunk, and JSonar.
DE planning and executing data-driven risk identification and mitigation engagements for large-scale digital platforms, using Splunk Logging, PowerShell scripting, Python Scripting, MS Excel, PowerBI for data analytics and visualization, and AWS Cloudtrail.
DE evaluating end-to-end security of platforms and Continuous Integration and Continuous Delivery (CI/CD) pipelines (including penetration testing), using GitHub, Jenkins, CyberArk, HashiCorp Vault, and Artifactory.

Salary: $129,600.00 - $137,000.00/year.

#PE1M2

#LI-DNI

Certifications:

Category:Information Technology

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

Skills Required

Bachelor's degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity or closely related field with five years relevant experience, OR Master's degree with three years relevant experience
Experience performing IT audits, penetration testing, and risk assessments in an enterprise technology environment
Hands-on experience with cloud security in AWS and Azure environments
Proficiency with data analytics and scripting: SQL, Python, PowerShell, Unix shell, and MS Excel
Experience building visualizations and dashboards using PowerBI and Tableau
Experience with logging and monitoring tools such as Splunk, Datadog, and AWS CloudTrail
Familiarity with cloud tooling: DivvyCloud, CloudDiscovery, Snowflake, SecureTrak
Experience securing server platforms (Linux, Unix, Windows), databases (SQL, NoSQL, cloud-native), mainframe TSS Z/OS, and IBM MQ
Experience with CI/CD and developer tooling security including GitHub, Jenkins, CyberArk, HashiCorp Vault, and Artifactory
Knowledge of governance and risk frameworks: NIST, SOC, COSO
Experience implementing system hardening, identity management, and data protection controls

Fidelity Investments Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Fidelity Investments and has not been reviewed or approved by Fidelity Investments.

Strong & Reliable Incentives — Bonuses, commissions, and profit-sharing are presented as generous and meaningful components of total compensation, with certain roles achieving high total earnings through multiple pay streams. Variable pay is consistently framed as a positive contributor beyond base salary.
Retirement Support — A 401(k) match up to 7% alongside additional profit-sharing up to 10% materially enhances long-term compensation. These retirement features are highlighted as standout strengths of the overall package.
Parental & Family Support — Generous paid parental leave (16 weeks maternity, 12 weeks parental), backup dependent care, and adoption assistance provide robust family support. Hybrid work and caregiving resources further ease family responsibilities.

Learn more about Fidelity Investments's Compensation & Benefits →

Fidelity Investments Insights

What's It Like to Work at Fidelity Investments? Fidelity Investments Culture & Values Fidelity Investments Career Growth & Development What's the Work-Life Balance Like at Fidelity Investments? Fidelity Investments Leadership & Management Fidelity Investments Company Growth, Stability & Outlook

View all jobs at Fidelity Investments

View Fidelity Investments Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Boston, MA

58,848 Employees

Year Founded: 1946

What We Do

At Fidelity, our goal is to make financial expertise broadly accessible and effective in helping people live the lives they want. We do this by focusing on a diverse set of customers: - from 23 million people investing their life savings, to 20,000 businesses managing their employee benefits to 10,000 advisors needing innovative technology to invest their clients’ money. We offer investment management, retirement planning, portfolio guidance, brokerage, and many other financial products. Privately held for nearly 70 years, we’ve always believed by providing investors with access to the information and expertise, we can help them achieve better results. That’s been our approach- innovative yet personal, compassionate yet responsible, grounded by a tireless work ethic—it is the heart of the Fidelity way.