Job Description:
The Role
We are looking for a highly experienced and skilled technical candidate to join the retail and institutional brokerage audit team as Internal Audit Technology Director. In this role, you will be able to apply your deep technical expertise to deliver high quality audits as well as expand your knowledge of financial services, and coach junior team members. There is no better place to drive solutions for improving internal controls than to operate at the nexus of technology and business with Fidelity Corporate Audit. As an Internal Audit Technology Director, you will provide independent and objective audit services that help Fidelity manage risk, improve customer service, and enhance business performance. Our primary motivation is to drive positive change throughout the firm.
The Expertise and Skills You Bring
BA/BS/MS in Technology, Information Systems, Cybersecurity, or related field of study.
12+ years of experience in building complex technology solutions or independently leading complex information technology audits, with exposure in cloud security, containerization, cybersecurity, API, DevOps, secure software development, application security, databases, and operating systems.
Experience working with and understanding the needs of clients.
Cloud computing (AWS) related advanced-level certifications preferred (AWS Solutions Architect/ AWS Security Specialty).
Professional Audit or Information Security certifications preferred (CIA, CPA, CISA, CISSP, SANS GIAC, etc.).
Knowledge of financial services and/or relevant technologies supporting financial services operations (e.g. brokerage, regulatory transfer agency, financial statements etc.) preferred.
Expert knowledge of authentication, authorization, and credential management.
Understanding of artificial intelligence, machine learning, LLM, data science and Robotic Process Automation (RPA) tools.
Hands-on skills with various Programming/Scripting Languages (Python, PowerShell, Java, etc.), audit testing tools, and automation.
Deep technical problem solving and data analytical skills.
The Team
As an IT Audit Director, you will be responsible for leading complex technology and/or integrated audits independently, evaluating risks (e.g., technology, financial, reputational, and regulatory), developing hypotheses around related controls, providing input to the development of the integrated audit plan, presenting issues and findings to management, devising solutions for business improvements, and following-up on corrective actions. You will need to work effectively to:
Facilitate/ assist with risk assessments, audit plan creation
Provide technical expertise on audit scoping and lead execution of multiple concurrent IT audits, including reviews of cyber security, existing production applications, systems currently being developed, technology infrastructure and specialized or emerging technologies.
Coach junior members of the team on technology. Work with middle to senior management within a business or function to facilitate the identification and resolution of complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
Lead the assessment of the controls over application processes, physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; computer operations; and production support.
Engage with the team to offer feedback on work-in-progress, clarify requirements and answer questions, while motivating and influencing team, and being a voice for its members
Develop data analysis and apply innovative automated tools to provide management with proper context of potential exposure and loss of business due to control weaknesses.
Develop an ongoing trusted advisor relationship with audit clients and Internal Audit business unit colleagues to ensure timely and consistent advice.
Travel (10% annually) to perform audits, and to attend training or corporate events.
Placement in the range will vary based on job responsibilities and scope, geographic location, candidate's relevant experience, and other factors.
Base salary is only part of the total compensation package. Depending on the position and eligibility requirements, the offer package may also include bonus or other variable compensation.
We offer a wide range of benefits to meet your evolving needs and help you live your best life at work and at home. These benefits include comprehensive health care coverage and emotional well-being support, market-leading retirement, generous paid time off and parental leave, charitable giving employee match program, and educational assistance including student loan repayment, tuition reimbursement, and learning resources to develop your career. Note, the application window closes when the position is filled or unposted.
Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.
Fidelity's hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office.