Sr. Tech Risk Analyst - External Audit COE

About the positionResponsibilities• Gather, organize, and analyze externally audited systems data to uncover key insights that can be presented through data visualizations. • Develop analytics to proactively identify risk across the firm (in high impact areas such as logical access, application resiliency, cloud, vendor and more). • Assist with planning and coordination of audit cycles with external auditors and internal stakeholders. • Effectively manage audit scope changes and maintain an authoritative inventory of externally audited systems.• Facilitating requests from external auditor and monitoring to ensure timely completion. • Assist with information technology risk assessments and readiness assessments including documenting controls, identifying potential gaps and/or inconsistencies and making sound recommendations for improvement and/or mitigation. • Proactively identify, track, monitor, report, & advise of any risks to external audit engagements. • Work across business, technology and risk teams to execute technology audit engagements according to schedule while proactively managing and resolving challenges that arise during the audit cycle.• Maintain a comprehensive inventory of externally audited controls, including detailed mappings to audit reports and GRC records, along with practical descriptions of how each control is executed. • Support the creation of detailed procedural documentation to guide business and technology partners in understanding and integrating standard external audit controls into their products. Requirements• Bachelor's Degree in Computer Science, Information Systems, Technology, Accounting, or a related field of study preferred.• 4-7 years of experience in information technology auditing (preferably supporting or conducting audits), information technology risk or compliance, cyber security, or controls assurance roles. • Demonstrated technical abilities in multiple domains (e.g., technology infrastructure and application controls, cyber security, access management, cloud, resiliency, etc.). • Experience implementing and assessing controls over highly automated business processes. • Working knowledge of cloud-native technologies, including cloud databases, along with familiarity with DevOps methodologies, automated deployment processes, and supporting tools.• Strong understanding of data protection processes and controls for handling various levels of confidential data across diverse environments. • Hands-on experience with data exploration and visual analytics concepts, utilizing business intelligence and visualization tools such as Excel, Alteryx, Tableau, and Power BI. Nice-to-haves• Professional technology risk certification (CISA, CISSP, CRISC) and/or Cloud Certification(s) (CCSP, CCSK, AWS) desired but not required. Benefits• Hybrid working model that blends onsite and offsite work experiences.• Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office. Apply tot his job