In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
The Global Cyber & Information Security function is a part of the Global Technology department. The Global Technology Group function provides IT services to the Fidelity International business. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Global Cyber & Information Security is made up of the following functions.
Centralised Access Management
Security Engineering and Architecture
Security Application Support
Cyber Defence Operations (CDO)
Information Security (and the ISO function)
The Cyber Defence Operations function at Fidelity International is part of the Global Cyber & Information Security (GCIS) Group, reporting to the Head of Global Cyber & Information Security. Our mission is to develop an intelligence-led, proactive cyber security response to defend Fidelity and its assets from cyber threats, to reduce risk and business impact. We adopt an 'assumed breach' position using multiple in-depth capabilities for protection, detection and response along with established playbooks to enable rapid response when an event occurs.
Purpose of your role
The successful candidate will be experienced in leading and developing the Data Loss Prevention (DLP) capability across multiple channels and technologies. The role will also require you to expand and explore the wider Insider Risk capabilities in the market to broaden coverage and improve intelligence and accuracy of event detection and prevention. You will manage a globally distributed team and be responsible for developing and shaping its future.
This is a critical role in which you will be expected to build and maintain relationships with key stakeholders across the organisation (technology and business operations) to help shape and mature our Insider Risk security strategy.
The successful candidate will be comfortable working with stakeholders at all levels, performing comprehensive assessments of controls and able to implement the agreed improvements. You will also be supported by a strong security leadership team who are keen to drive capabilities in this space forward, underpinned by appropriate investment in security tooling. Our leadership team and the business aligned Information Security Officers (ISO) will be working closely with you to continually identify how we protect our critical assets to make sure we continue to provide a secure service to our clients.
Manage the Cyber Defence Insider Risk Team
Delivery against Cyber Defence and GCIS and the business strategy
Build and develop sustainable solutions using automation where possible
Work with global stakeholders to continually identify information that requires protection, this includes ISO's, 1st & 2nd Risk and Data Protection.
Develop and improve the DLP / Insider Risk strategy to continually improve our capability in this area
Implement said strategy
Create continuous improvement loops with other security teams including detect and response and Detection Engineering and Automation.
Working with our providers create new and innovative methods to identify improvements and simplifications of controls. e.g through automation or tool optimisation.
Manage our DLP supplier relationships
Own the creation and improvement process for reporting this includes KPI's and KRI's
Experience and Qualifications
Experience and strong understanding of data loss prevention technologies and capabilities
Competent in a scripting language, preferably Python.
Experience creating or continually improving a Data loss / Insider Risk program
Strong reporting ability, with an understanding on how to tailor reports to different audiences.
Comprehensive understanding of data protection, information, and cyber security
Familiarity with automation technologies
Experience in cloud environments would be desirable
Strong communication skills with evidence of being in a position responsible for communicating technical issues to non-technical users; such as formal stakeholder engagement/communications
Banking or Finance industry related experience desirable
CISSP or equivalent security certification preferred
Experience and Qualifications Required
Challenge the current processes
Passion for the cybersecurity field
Able to organize others
Your skills and experience
At least 5 years of experience in technical security engineering
Knowledge of or experience working with security tooling (DLP, SIEM, SOAR)
Experience explaining the risk of security threats and creating mitigations.
Experience of general IT infrastructure technologies and principles.
Ability to automate tasks using scripting on both Windows and Linux systems.
Experience dealing with security incidents using the NIST framework.
Experience using data science or advance analytical tools to inform decisions.
Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP
About Fidelity International Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 countries and with $739.9 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.
Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $567 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.
Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more.
As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond. Data as at 31 March 2021. Read more at https://www.fidelityinternational.com/
Applying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.