Current jobs related to Lead Cybersecurity Risk Consultant - Boston, Massachusetts - Fidelity Investments


  • Boston, Massachusetts, United States ITmPowered, LLC Full time

    Job Summary: We are seeking a highly skilled IT Auditor Consultant to join our team at ITmPowered, LLC. As a key member of our Technology Risk Management organization, you will be responsible for conducting IT Controls Assessments for a set of 20 custom IT controls in our Hospital Medical Device Cybersecurity Program. About the Role: The Sr. IT Auditor...


  • Boston, Massachusetts, United States CrossCountry Consulting Full time

    Job Summary: CrossCountry Consulting is a trusted business advisory firm, specializing in Accounting Advisory, Business Transformation, Risk & Compliance, Cybersecurity, and Technology Solutions. We are seeking a highly experienced Senior Risk Management Consultant to join our team. As a key member of our Risk Advisory practice, you will play a pivotal role in...


  • Boston, Massachusetts, United States Eliassen Group Full time

    Cybersecurity Business Analyst: We are seeking a highly skilled Cybersecurity Business Analyst to join our team at Eliassen Group. As a Cybersecurity Business Analyst, you will play a critical role in helping our clients achieve their business objectives by analyzing and improving their existing business processes. Key Responsibilities: Engage with stakeholders...


  • Boston, Massachusetts, United States ITmPowered, LLC Full time

    About the Role: The Sr. IT Auditor Consultant will serve on behalf of the Technology Risk Management organization performing IT Controls Assessments for a set of 20 custom IT controls in this Hospital Medical Device Cybersecurity Program. Plan and perform full lifecycle audits (scope, plan, fieldwork, reporting) assessing Audit IT Controls Design prior to...


  • Boston, Massachusetts, United States Falconwood Full time

    Falconwood is a woman-owned and veteran-owned company providing consultation and programmatic support to Department of Defense (DoD) Information Technology (IT) initiatives and programs. We provide expert advice and consultation on a diverse range of IT subjects, focusing on acquisition, cybersecurity, engineering, logistics, and process development. Job...

  • Safety Consultant

    3 days ago


    Boston, Massachusetts, United States Risk Strategies Full time

    Safety Consultant Role: The Safety Consultant position at Risk Strategies is responsible for providing risk management, loss prevention, and safety-related services to clients. This includes identifying and mitigating safety-related hazards, with a focus on workers' compensation, general liability, and automobile losses. Key Responsibilities: Conduct safety...

  • Risk Consultant

    1 week ago


    Boston, Massachusetts, United States Extreme Event Solutions Full time

    About the Role: We are seeking a highly skilled Risk Consultant to join our team at Extreme Event Solutions. As a Risk Consultant, you will be responsible for performing sophisticated risk analyses using our cutting-edge technology for insurers, brokers, reinsurers, and other financial intermediaries in the internationally expanding business of extreme event...


  • Boston, Massachusetts, United States J&J Family of Companies Full time

    Cyber Risk Assessment Director: Johnson & Johnson is seeking a highly skilled Cyber Risk Assessment Director to lead a team of security and risk professionals in conducting cybersecurity risk and compliance assessments. The ideal candidate will have a strong background in information security, cybersecurity controls, and industry frameworks, as well as...

  • Cybersecurity Engineer

    2 months ago


    Boston, Massachusetts, United States Liberty Mutual Insurance Full time

    About the Role: We are seeking a highly skilled Cybersecurity Engineer to join our team at Liberty Mutual Insurance. As a key member of our security team, you will be responsible for designing, implementing, and managing our organization's overall security posture. Key Responsibilities: Support secure application development initiatives, requiring innovation,...


  • Boston, Massachusetts, United States Cabot Corporation Full time

    Cybersecurity Operations Role: This is a pivotal role in overseeing the engagement with our Managed Security Services Provider (MSSP) and Managed Service Provider (MSP). The Cybersecurity Operations Manager will be responsible for managing the relationships with all suppliers, ensuring the delivery of high-quality services, and aligning cybersecurity...


  • Boston, Massachusetts, United States Cabot Corporation Full time

    Cybersecurity Operations Manager. Your Role at Cabot: The Cybersecurity Operations Manager will play a pivotal role in overseeing the engagement with our Managed Security Services Provider (MSSP) and Managed Service Provider (MSP). This position is responsible for managing the relationships with all suppliers, ensuring the delivery of high-quality services, and...


  • Boston, Massachusetts, United States BlueVoyant Full time

    Job Title: Cybersecurity Sales Leader, Northeast. Job Summary: We are seeking an experienced Cybersecurity Sales Leader to focus on new customer acquisition and growth in the assigned territory. The ideal candidate will have knowledge of the Microsoft Sales organization and be able to consultatively share BlueVoyant's capabilities to seek alignment with...


  • Boston, Massachusetts, United States Charles River Associates Full time

    About Charles River Associates: CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations. Our two main services - economic and...


  • Boston, Massachusetts, United States Falconwood Full time

    Falconwood Career Opportunity: We are seeking a highly motivated and experienced Cybersecurity Analyst to join our team at Falconwood. As a Cloud Cybersecurity Analyst, you will play a critical role in ensuring the security and integrity of our cloud-based systems and applications. Key Responsibilities: Perform Risk Management Framework (RMF) Steps 2, 5, and...


  • Boston, Massachusetts, United States Jesica Full time

    About Jesica: Jesica is a pioneering recruiting agency that leverages AI to source, screen, and match candidates with ideal career opportunities. We work on behalf of our clients, who are actively seeking qualified professionals for various roles. If you're a candidate looking for new opportunities or just browsing, we encourage you to complete the application...


  • Boston, Massachusetts, United States Charles River Associates Full time

    About Charles River Associates: CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations. Job Overview: CRA's Forensic Services...

Lead Cybersecurity Risk Consultant

2 months ago


Boston, Massachusetts, United States Fidelity Investments Full time
Job Overview:

Position Title: Principal, Cybersecurity Consultant

Team Overview:

The Enterprise Cybersecurity (ECS) Regulatory & Audit division plays a crucial role in assisting ECS and corporate partners in managing comprehensive cybersecurity risks by delivering essential support services. Within the Cyber Regulatory & Audit framework, the ECS Internal Audit Engagement (IAE) team conducts approximately 25-30 internal audits each year. The primary objective of IAE is to mitigate cyber risks through enhanced collaboration and partnership with ECS Product Areas and Audit, ensuring alignment, transparency, and efficiency throughout the audit lifecycle.

Role Summary:

The ECS Internal Audit Engagement (IAE) team is in search of a seasoned and dedicated cybersecurity risk expert to collaborate with ECS Product Areas and Fidelity Corporate Audit. This role necessitates robust cooperation across three key phases of audit engagement: pre-audit (aligning roadmaps, assessing control risk gaps, analyzing trends/themes), active audit (quantifying risks, formulating action plans, facilitating risk acceptances), and post-audit (closing action plans, reporting, and metrics).

Required Expertise and Skills:

Technical Proficiencies:

  • Proven experience in Risk Management and Mitigation
  • Strong capabilities in Risk, Process, Cyber Threat Analysis, and Control Gap Assessment
  • Extensive knowledge of cybersecurity threats and methodologies
  • Thorough understanding of NIST Cybersecurity Framework standards and COBIT 5
  • Familiarity with Operations & Technology (identity & access management; physical/personnel security; security operations assessments), Information Risk Management (vendor risk management; cloud security; data management), Secure Software Development Life Cycle (SSDLC), and application security
  • Comprehension of the FAIR (Factor Analysis of Information Risk) cyber risk framework
  • Knowledge of ECS Policies, Standards, and Technical Implementation Guides (TIGs)
  • Experience with Archer GRC, Jira, and ServiceNow

Business Skills:

  • Experience in corporate/internal auditing or collaboration with corporate audit functions
  • Background in a Cyber Security organization
  • Analytical mindset to delve into audit findings to identify and communicate risks and suitable responses
  • Excellent communication skills (written, verbal, presentation) with the technical acumen to influence stakeholders and drive results
  • Highly motivated, self-directed, independent thinker with a keen attention to detail

Key Responsibilities:

  • Collaborate with ECS teams to identify control gaps
  • Work with Audit and ECS teams to validate reported audit issues and conduct FAIR quantitative risk assessments
  • Assist ECS Product Areas in drafting responses (Action Plans) to address legitimate audit observations
  • Monitor ECS Product Areas' progress towards timely completion of action plans
  • Identify opportunities to enhance team processes to better support ECS Product Areas
  • Manage ECS Risk Acceptances
  • Maintain and utilize key metrics that support various reports and critical meetings
  • Partner with ECS Product Areas to gain a comprehensive understanding of roadmaps, backlogs, etc.

Education and Experience:

  • Bachelor's degree in technology, computer science, or engineering is strongly preferred
  • 7+ years of experience in cybersecurity risk management, technology operations, system analysis, and/or project management
  • Relevant certifications are a plus: CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), CISA (Certified Information Systems Auditor)

The compensation package for this position includes a competitive salary and a comprehensive benefits program designed to support your evolving needs and help you thrive in both your professional and personal life.

Company Overview:

Fidelity Investments is dedicated to enhancing the financial well-being of our clients. We assist individuals in investing and planning for their futures, support companies and non-profit organizations in delivering employee benefits, and provide institutions and independent advisors with investment and technology solutions.

Join Us:

At Fidelity, you will discover numerous opportunities to cultivate a meaningful career that positively impacts lives, including your own. We offer flexible benefits that support you at every stage of your career, empowering you to excel both at work and at home.

Fidelity is committed to fostering a diverse workforce and an inclusive culture. We welcome applicants from all backgrounds and experiences.