Principal, Cybersecurity Consultant
Job Description:Principal Cybersecurity ConsultantThe Personal Investing (PI) Information Security Office is seeking a Principal Cybersecurity Consultant to work in collaboration with the PI Information Security Officer and supporting PI Business Information Security Officers to help ensure consistent, appropriate security coverage for all enterprise critical assets, current and future. The Cybersecurity Consultant helps protect the firm and our clients through supporting development, execution and adoption of cybersecurity initiatives and products. The Information Security team facilitates the relationship between Enterprise Cybersecurity and PI. The specific role works across multiple organizations to support and complete efforts.The TeamAs part of the Enterprise Cybersecurity Cyber insights & Enablement team, the Cybersecurity Consultant serves as core member of the Information Security Office (ISO). The ISO office implements, manages, maintains, and governs cybersecurity policy and programs for the assigned business unit. The role can be based in Westlake, TX, Durham - NC, or Merrimack - NH .The Expertise You Have
- Undergraduate degree or equivalent work experience;
- 5+ years information security, risk, or related technology subject area, or 3+ years of technology, risk or cybersecurity experience combined with an undergraduate or graduate degree with a cybersecurity focus;
- Security certifications preferred (CISSP/CISA/CISN/GIAC/CCSP).
- Extensive technical knowledge and experience relevant within information security such as: information security governance, cloud security, operating system and database security, security logging and monitoring systems, vulnerability assessment tools, encryption, single-sign-on, logical access administration fundamentals, multi-factor authentication, and/or software development.
- Mature communication, collaboration and presentation skills, including engaging audiences at various levels, as well as an ability to deliver concise presentations to senior management.
- Technical domain knowledge, including an understanding of secure application development methodologies, operating system and database controls, network and cybersecurity principles, and system-related internal controls.
- Knowledge of security controls and methodology (e.g. NIST, ISO27001) as well as corporate policies and procedures.
- Demonstrates expertise in technology, applications and/or interfaces crafted to support the business.
- Strong collaboration skills, strong analytical skills, and the ability to identify and recommend solutions for cybersecurity issues. The person works with a startup mentality and has a demonstrated ability to be a self-starter.
- Serve as a primary resource and drive business unit control enablement and operational adoption of cybersecurity products.
- Monitor operational areas of responsibility and disposition appropriate actions to ensure service level agreements are met.
- Represent the ISO Office in appropriate forums, working teams, project meetings, etc.
- Influences business and systems leaders to implement risk management products that meet security requirements to safeguard Fidelity's assets and reputation.
- Builds positive relationships within and across teams.
- Recommends, influences, and supports organization-wide policies regarding security controls and processes.