Principal Technology Vendor Manager

Job Description:

The mission of the penetration testing team is to protect Fidelity's assets and our customers’ livelihoods from the threat of exploitation by malicious adversaries.  

The penetration testing team does this by proactively identifying vulnerabilities in our systems and serving as subject matter experts to enable the business units to mitigate them in a positive, collaborative, innovative manner.  

Our Vision  

• We aspire to be a best-in-class pen test team, with fully engaged, passionate members.  
• Producing high-quality work in a consistent, effective, efficient, customer-oriented manner.  
• Providing a competitive advantage to the firm and serving as a differentiator in the marketplace.  
• Serving as a role model for others across the Enterprise and wider industry.  
• And driving advancement and research in the cybersecurity space.  

Fidelity has a large and diverse portfolio of products.  This provides a varied and interesting role giving the team the opportunity to work on a multitude of different areas of the business.  

The application security team actively partner with a number of industry-leading vendors to augment and support the internal testing team in achieving their mission.  This role will have key responsibilities for managing those releationships, projects and consultants to ensure the work is executed with the highest level of quality and consistency we require on the team. 

The Expertise and the Skills you Bring 

• Bachelors degree or equivalent experience   
• 7+ years of IT experience   
• Project management experience 
• Experience using Jira or a similar tool. 
• Excellent communication and presentation skills. 
• Excellent interpersonal skills with a strong interest in the application security domain. 
• Proven analytical and problem-solving skills, as well as the desire to assist others in solving issues. 
• Preferred: Basic knowledge of or the willingness to learn about application security mechanisms such as authentication and authorization, data validation, and access controls would be an advantage 
• Preferred: Experience managing a 3rd party vendor 
• Preferred: PMP, CSPO, CSM or equivalent certifications in project management or business analysis. 
• Preferred: Software development knowledge. 

The Purpose of Your Role  

• Complete ownership of our  vendor on-boarding process and vendor management 
• Develop strong relationships with key vendor managers and project leads 
• Develop strong relationships with key internal BU Stakeholders, ISO’s and SISO’s involved in the project work 
• Track the individual project status against the plan and report to senior management 
• Liase with the relevant internal teams to ensure any blocking issuees are resolved for the vendors 
• Look to document and improve on-boarding processes and planning for each vendor 
• Help design and document requirements for any automation improvements that could be done to assist in the work 
• Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's applications and infrastructure.  

The Value You Deliver  

Fidelity provides key financial services to a wide variety of demographics.  In many instances we are managing our customers financial future and savings.  This is something we take very seriously.  Protecting our customers and their data is of paramount importance to us.  This role plays a key part in helping to protect the livelihoods of our customers around the world and plays a significant part in preventing real-world cyber attacks.  

How Your Work Impacts the Organization  

The Penetration Testing team forms part of Security Assaessment group within Enterprise Cybersecurity (ECS).  The goal of the Security Assessment group is to proactively identify and remediate vulnerabilities in Fidelity’s applications and infrastructure.  We work very closely with all of the key Business Units to ensure that they remain secure while they deliver key projects to advance the firm.  

For more like this search #Cyber

Category: