IT Audit Director – Enterprise Cloud Computing
- Merrimack, NH, USA Merrimack NH US
- Permanent, Full time
- Fidelity Investments
- 23 Mar 18 2018-03-23
IT Audit Director – Enterprise Cloud Computing
IT Audit Director - Enterprise Cloud Computing
Are you looking for a position that will leverage and grow your technology skills, expand your knowledge of the financial services business, and give you the opportunity to problem solve with some of the best minds in the financial services and technology industries? There is no better place to drive value-added solutions for improving internal controls than to operate at the nexus of technology and business as a technology auditor at Fidelity Investments.
The Expertise We're Looking For
- BA/BS in Technology, Information Systems or related field of study.
- Cloud, audit, or information security certifications preferred (AWS, MCSE: Cloud - Azure, CCSK, CCSP, CISA, CISSP, SANS GIAC, etc.).
- Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc.) preferred.
- Deep understanding of cloud computing technologies and workload transition challenges
- Experience with one or more scripting and data analysis tools (Python, R, Jupyter, PowerShell, etc.) preferred.
- 10 years of professional experience with 5 years leading IT audit or technology management, preferably financial services.
The Purpose of Your Role
In this position, you are primarily responsible for leading a team of IT audit professionals in the execution of technology risk assessments, audit projects, client relationship management and staff development covering our Enterprise Cloud Computing business unit. Key areas of focus include cloud application deployment, cloud application platforms, cloud security, cloud application architecture. You will collaborate with peers to manage the cloud computing audit plan, and contribute to the execution of broader enterprise IT audit projects such as cybersecurity, enterprise infrastructure, customer protection, privacy, and big data.
The IT Audit Director promotes risk awareness in the enterprise through a positive and collaborative relationship with IT and business executives and staff. In addition to oversight of audit execution, the IT Audit Director meets regularly with senior IT and business executives to discuss audits, assess risks, evaluate issue remediation progress, provide feedback and gather insights on IT activities. This position has high visibility and provides significant opportunities to network with senior IT and business executives.
The Skills You Bring
Your demonstrated technical abilities and knowledge across a wide range of topics including:
- Drive automation and auditing for security controls. "Audit as code" thinking.
- Managing IT audits of large-scale business unit cloud deployments at the system, hardware and function levels.
- Be a thought leader and influencer in the emerging cloud architecture best practices which includes continuous delivery, security, infrastructure as code, automation, immutable infrastructure and service discovery.
- Lead and participate in across line of business working groups and committees to review and reinforce a risk focus on proposed architectures.
- Familiarity with industry compliance and security standards including PCI DSS, ISO 27001, HIPAA, CSA STAR framework, and NIST
- Managing and performing risk and data analysis audits for compliance with regulations, drafting audit reports and liaising with and reporting to senior executives on audit results and corrective actions
- Communication, coordination and excellent relationship management skills are critical success factors
- The IT Audit Director fosters high performance, continuous learning and collaborative interactions within a team of IT audit professionals.
The Value You Deliver
As the IT Audit Director, you will be responsible for leading audits, evaluating risks (technology, financial, reputational, and regulatory), testing controls designed to mitigate risk, communicating issues and findings to management, devising solutions for business improvements, and following-up on corrective actions. You will need to work effectively in a team setting in order to:
- Plan and execute multiple concurrent IT audits, primarily reviews of cloud technology with additional coverage of cyber security and specialized or emerging technologies.
- Identify and assess complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
- Assess the controls over application processes, physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; change management; computer operations; and production support.
- Identify and address systemic control and efficiency issues. Develop data analysis and apply leading edge and other automated tools to provide management with proper context of potential exposure and loss of business due to control weaknesses.
- Develop an ongoing "trusted advisor" relationship with audit clients and Internal Audit business unit colleagues to ensure timely and consistent controls advice.
- Travel (15% annually) to execute audits, and to attend training and corporate events.
How Your Work Impacts the Organization
Fidelity Corporate Audit provides independent and objective audit and advisory services that help Fidelity manage risk, improve customer service, and enhance business performance.
This mission is accomplished through:
- Assessing the adequacy and effectiveness of controls, risk management, compliance and governance processes
- Reporting on issues and solutions that improve Fidelity's control environment
- Responding to change with a sense of urgency through continuous risk assessment and resource allocation
- Providing audit advisory services on new and changing products and systems
- Developing talented professionals for audit and leadership positions
Our primary motivation is to drive positive change throughout the firm. The Information Technology Audit group is responsible for providing the specialized IT audit skills required to assess and evaluate controls over Fidelity's corporate-wide systems infrastructure environment and system development efforts in support of Fidelity's businesses. This is a high-performing team that delivers significant results to the firm and the Audit function.Company Overview
At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. For information about working at Fidelity, visit FidelityCareers.com .
Fidelity Investments is an equal opportunity employer.