Cybersecurity Consultant (Internal Audit Facilitator)

Company: Fidelity TalentSource
Location: Smithfield
Posted on: May 22, 2025

Job Description:

Cybersecurity Consultant (Internal Audit Facilitator)Fidelity TalentSource is your destination for discovering your next temporary role at Fidelity Investments! We are currently sourcing for a Sr. Cybersecurity Consultant (Regulatory & Audit) to work in Fidelity's Enterprise Cybersecurity division in Smithfield, RI!The TeamThe Enterprise Cybersecurity (ECS) Regulatory & Audit team helps ECS and corporate partners manage firm-wide cybersecurity risk by providing key support services. As part of Cyber Regulatory & Audit, the ECS Internal Audit Engagement (IAE) team supports 25-30 internal audits annually. IAE seeks to reduce cyber risk through improved engagement and partnership with ECS Product Areas and Audit to ensure alignment, transparency, and efficiency throughout pre-audit, active audit, and post-audit efforts.The RoleThe ECS Internal Audit Engagement (IAE) team is seeking a hard-working and expert cybersecurity risk professional to support and partner with ECS Product Areas and Fidelity Corporate Audit. The role requires steadfast collaboration throughout the three phases of audit engagement: pre-audit (roadmap alignment, pre-audit control risk gap assessments, trend/theme analysis), active audit (risk quantification, drafting action plans, facilitating risk acceptances), and post-audit (action plan closure, reporting and metrics).The Expertise and Skills You BringProven Risk Management and Mitigation experienceStrong Risk, Process, Cyber Threat Analysis, and Control Gap Assessment skillBroad knowledge of cybersecurity threats and tacticsUnderstanding of NIST Cybersecurity Framework standards and practices, COBIT 5Knowledge of Operations & Technology (identity & access management; physical/personnel security; security ops assessments), Information Risk Management (vendor risk management; cloud computer security; data management), Software Development Process and application security.Understanding of FAIR (Factor Analysis of Information Risk) cyber risk frameworkFamiliarity with Archer GRC, Jira, and ServiceNowGeneral Business SkillsExperience working as corporate/internal auditor or working with corporate audit functionAnalyst mentality to deep dive into audit findings to understand and communicate risks and appropriate responsesHighly motivated, self-directed, independent problem solver with attention to detail.ResponsibilitiesPartner with internal teams to identify ECS control gapsPartner with Audit and ECS teams to confirm reported audit issues and perform FAIR quantitative risk assessmentsDrafting responses (Action Plans) to address valid audit observationsManage ECS Product Areas progress toward timely completion of action plansFind opportunities to improve team processes to better support ECS Product AreasManage ECS Risk AcceptancesMaintain and make use of metrics that support various reports and critical meetingsPartner w/ ECS Product Areas to gain in-depth understanding of roadmaps, backlogs, etc.Education and ExperienceBachelor's degree (or equivalent experience) in technology, computer science, or engineering strongly preferred5+ years' experience in cybersecurity risk management, technology operations, system analysis, and/or project managementCertification a plus: CISSP (Information Systems Security Professional), CEH (Certified Ethical Hacker), CISA (Certified Information Systems Auditor)Dynamic WorkingAt Fidelity TalentSource, our goal is for most people to work flexibly in a way that balances both personal and business needs with time onsite and offsite through what we call "Dynamic Working." Most associates will have a hybrid schedule with a requirement to work onsite at a Fidelity location for at least one week, 5 consecutive days, every four weeks. These requirements are subject to change.

Keywords: Fidelity TalentSource, Woonsocket , Cybersecurity Consultant (Internal Audit Facilitator), Other , Smithfield, Rhode Island