Job Description:

The Role

Are you looking to grow your technology risk career while making a measurable impact on enterprisewide controls? Do you enjoy collaborating with technology and risk partners to strengthen control effectiveness and audit readiness? As a Technology Risk Analyst, you will support key testing activities that help protect Fidelitys customers, employees, and brand. This role provides handson exposure to technology controls testing, industry frameworks, and crossfunctional partnership in a highly regulated environment.

Core responsibilities include:

• Supporting and executing technology risk and controls testing activities aligned with audit, regulatory, and certification requirements
• Assessing control design and operating effectiveness using established methodologies and frameworks
• Analyzing testing results to identifying control gaps, inconsistencies, or potential risks
• Coordinating with technology and business partners to gathering evidence and understanding control execution
• Documenting testing results clearly and maintaining defensible workpapers for audit review
• Assisting with remediation tracking and monitoring corrective action progress

The Expertise and Skills You Bring

You bring foundational experience in technology, risk, or controls and are eager to continue building expertise in technology risk management. You have a solid understanding of control concepts and industry standards, apply structured problemsolving approaches, and work effectively within defined procedures. You communicate professionally, collaborate well across teams, and are comfortable learning from more experienced analysts while taking ownership of assigned work.

Key qualifications include:

• Bachelors degree in computer science, technology, or a related field (preferred)
• 2 to 5 years of relevant experience in IT, technology risk, cybersecurity, controls, cloud, audit, or related roles
• Experience supporting or performing control assessments within complex technology environments
• Familiarity with risk and control frameworks such as NIST, COBIT, ISO 27001, AICPA Trust Principles, HITRUST, or similar
• Working knowledge of cloud and technology control concepts across infrastructure, applications, identity and access, and cybersecurity domains
• Exposure to GRC platforms such as Archer (preferred)
• Professional certifications (CISA, CISSP, CRISC, CISM) desirable but not required

Note: Fidelity will not provide immigration sponsorship for this position.

The Team

We are part of Fidelitys Enterprise Technology Risk organization within the Legal, Risk, and Compliance function. Our Technology Risk Controls Testing team coordinates and executes controls testing across a wide range of technology environments, including both manual and automated approaches. We partner closely with Corporate Audit, Enterprise Compliance, Information Security, Operational Risk, and technology and business owners to proactively assess and monitor technology risk.

Our team exists to provide consistent, highquality assurance over technology controls that support Fidelitys regulatory obligations and commitment to operational resilience. We value collaboration, continuous learning, and thoughtful risk judgment, and we are committed to building an inclusive culture where our people can grow, contribute, and develop their careers while helping Fidelity protect what matters most.

Certifications:

Category:

Please be advised that Fidelitys business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

Company overview