Position Description:
Note: Fidelity will not provide immigration sponsorship for this position.
Identifies, analyzes, and mitigates insider threats and data risks by leveraging multiple data sources and advanced analytical techniques. Assessing the effectiveness of existing threat detection and data protection controls through measurable, data-driven metrics. Builds email security, email and Web advance threat protection, Domain Name System (DNS), Distributed Denial of Service (DDoS), Intrusion Detection Systems (IDS), Intrusion Prevention (IPS), and Cloud security. Recognizes and identifies attacks that may occur in each layer of the Open Systems Interconnection (OSI). Exchanges online protection using Microsoft O365 Suite. Understands malicious URLS using Symantec SiteReview. Prevents external attacks to systems using endpoint controls -- firewall, antivirus, and host-based intrusion systems.
Primary Responsibilities:
Monitors and investigates user behavior for indicators of potential insider threats, using data-driven behavioral analytics.
Creates and maintains dashboards, reports, and executive summaries that communicate emerging risks, detection outcomes, and trends to technical and business audiences.
Recommends improvements to detection rules, monitoring coverage, and escalation procedures, using findings from effectiveness reviews and incident post-mortems.
Develops metrics to assess the accuracy and coverage of insider threat detections and controls.
Tracks false positive and negative rates, detection latency, and incident response outcomes to improve detection logic.
Partners with risk, compliance, and Information Security Officers (ISOs) to share finding, generate awareness, and influence how business groups manage insider risks.
Education and Experience:
Bachelor's degree in Computer Science, Engineering, Information Technology, Information Systems, Data Science, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Senior Cybersecurity Analyst (or closely related occupation) performing in-depth analysis to identify insider risk and data-loss-prevention (DLP) events across exfiltration channels, endpoints, access logs, and database and server audit logs.
Or, alternatively, Master's degree in Computer Science, Engineering, Information Technology, Information Systems, Data Science, or a closely related field (or foreign education equivalent) and one (1) year of experience as a Senior Cybersecurity Analyst (or closely related occupation) performing in-depth analysis to identify insider risk and data-loss-prevention (DLP) events across exfiltration channels, endpoints, access logs, and database and server audit logs.
Skills and Knowledge:
Candidate must also possess:
Demonstrated Expertise (“DE”) designing and implementing data integration pipelines to consolidate structured and unstructured datasets into centralized data warehouses using AWS Glue, Athena, Oracle, MySQL, and Snowflake; developing normalized and analytics ready data models using SQL, Python (Pandas, PySpark), Tableau, and Snowflake scripting; and evaluating and optimizing analytical systems by analyzing KPIs and processing latency to improve data quality, reliability, and reporting performance with Tableau and Power BI.
DE developing data models and performance dashboards using Tableau, Power BI, and Athena, and Snowflake; defining analytical metrics and trends; optimizing visualization performance on large datasets exceeding million rows; and preparing root-cause analysis reports and analytical summaries for senior stakeholders using Tableau, Power BI, and Python-based reporting.
DE developing Python-based automation scripts to perform data lookups, metadata joins, transformations, and enrichment of datasets in Athena, Oracle, MySQL, and Snowflake databases, implementing data categorization and analytical classification logic using Python and integrating analytical outputs into operational dashboards and reports for leadership review using Tableau/ Power BI.
DE designing data architectures and building multi-layered analytical models that combine transactional, behavioral, and operational datasets to establish analytical baselines and detect trends using S3, Athena, Snowflake, and Tableau/Power BI; developing Extract, Transform, Load (ETL) workflows and data-quality automation using AWS S3, Snowflake Tasks, CTAS Streams, and stored procedures.
#PE1M2
#LI-DNI
Fidelity’s Onsite Working Model
Fidelity is transitioning to a full-time onsite working model through a phased rollout across regions and roles. Currently, some roles and locations require 100% onsite presence, while others require less. Onsite expectations are likely to evolve as the rollout continues. This transition does not apply to fully remote roles.
Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.