About The Position

The Enterprise Technology Risk group is seeking a passionate, driven and experienced professional to contribute to the Technology Risk Program and Regulatory Assurance CoE team. This role is responsible for performing regulatory and program management responsibilities, including designing and maintaining technology controls to support program and regulatory requirements. This role will require networking and relationship management skills to collaborate with the Controls Testing team, and various business units and risk teams across the enterprise.

Requirements

  • 5 -7 years’ experience in information technology risk, controls, or audit roles
  • Bachelor’s degree in computer science, technology, or a related field of study preferred
  • Experience documenting controls for large scale financial service organizations (cloud, distributed, vendor solutions, mainframe, network environments, and AI)
  • Demonstrated technical abilities in multiple areas (e.g., technology infrastructure and application controls, cyber security, access management, network and cloud, resiliency, etc.)
  • Working knowledge of Cloud security and controls and cloud technology environments (AWS/Azure, SaaS, PaaS)
  • Strong knowledge of information technology processes and controls, and a comprehensive understanding of risk, quality control and assurance functions
  • Ability to build and maintain collaborative working relationships with Information Technology and Business personnel to design effective controls
  • Process orientation and understanding of operations and technology enabling you to provide support in the analysis, development, and monitoring of controls

Nice To Haves

  • Professional technology and associated risk certifications (CISSP, CISA, CRISC, CISM), Certified risk/fraud examiners (CRE, CFE), and/or Cloud Certification(s) (CCSP, CCSK, AWS) preferred
  • Knowledge of Industry standards, regulations, frameworks and best practices, such as NIST SP 800-53, COBIT, AICPA Trust Principles, ISO27001, SWIFT, HITRUST, and SOX404 is preferred
  • ISO9001 and/or ISO27001 certification preferred, with responsibility to support and participate in ISO peer audit reviews.
  • Knowledge of Governance, Risk, and Compliance (GRC) tools, such as Archer is preferred
  • Love of solving complex problems, and comfort with ambiguous situations, and your ability to help solution innovative ways to mitigate risk using your advanced analytical and critical thinking skills
  • Excellent verbal and written communication skills enabling you to prepare and present recommendations to senior management

Responsibilities

  • Ensuring risk and control taxonomy aligns with enterprise standards
  • Developing and monitoring technology controls for security and compliance
  • Providing technical support and acting as liaison for technology risk management
  • Managing control updates, annual mapping, and testing requirements
  • Design, document, and maintain Risk and Control Matrices (RCMs/RACMs) across business and IT processes
  • Continuously improve and standardize control documentation and governance practices
  • Overseeing control certification process
  • Partnering with Control Testing team to track progress and remediation
  • Representing ETRA in enterprise control initiatives and special projects
  • Supporting regulatory activities, risk assessments, and examinations
  • Leading and supporting SOX 404 compliance, including control documentation
  • Reviewing SOC reports, assessing CUECs, and communicating control gaps

Benefits

  • Fidelity will not provide immigration sponsorship for this position.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service