Principal Cybersecurity Specialist - SaaS Security

Job Description:

The role of Principal SaaS Security specialist is to focus on effective management of SaaS security posture involving configuration drifts, SaaS identities, 4th party risks, data exfiltration risks and threat detection. The role gives significant exposure to SaaS security, 3rd party Risk Management process & tools and Cybersecurity Engineering practices.

Enterprise Cybersecurity (ECS) sets Fidelity's strategy, policy, and standards for the security of the enterprise cyberspace. We focus on Cyber threat reduction, vulnerability elimination, deterrence, incident response, resiliency, and recovery policies and activities. This role is within the ECS Vendor Security team that oversees control and mitigation of Vendor Security Risks posed by 3rd parties that do business with Fidelity.

• Bachelor's degree in a technology discipline (Cybersecurity/Computer Science/IT).
• 7+ years' experience Cybersecurity with at least 2 years of hands-on security analyst work is required.
• Expertise in one or more of the following Cybersecurity areas: Application / Data / IAM Security is required.
• Exposure to Security Posture Management on SaaS/Cloud/Data/Applications is highly desired.
• Working knowledge of DevOps Process, SIEM, SOAR, API integrations etc. is highly desired.
• Strong understanding of Cloud and SaaS security concepts, configurations, and operations.
• Security centered knowledge of at least one leading SaaS Platforms (e.g. M365/Salesforce/Service Now/Snowflake).
• Programming knowledge in Python, or equivalent scripting is highly desired.
• Experience with DevOps is a plus.
• Knowledge of third-party governance, risk & compliance tools, processes, and systems is highly desired.
• Familiarity/experience with developing Business Intelligence for Security data is desired.