Director, Cybersecurity Risk

skillventory - A Leading Talent Research Firm

Director-level role in cybersecurity risk management at Fidelity Investments. Leading cyber risk analyses and advising on risk prioritization and management strategies.

Posted 5/14/2026full-timeJersey City • New Jersey, Texas • 🇺🇸 United StatesLead💰 $126,000 - $255,000 per yearWebsite

Tech Stack

Tools & technologies

CloudCyber Security

About the role

Key responsibilities & impact

Lead in the creation of cyber risk analyses pertaining to ECS.
Understand current and emerging cybersecurity risks and determine key risk scenarios for the ECS Product Areas.
Conduct Product Area risk / threat modeling sessions to prioritize top risks (Quarterly).
Advise on backlog prioritization based on risk (Quarterly).
Advise on both exceptions and audit finding risk levels to drive down the number of exceptions and accurately risk rate audit findings.
Quantify cyber risk and present analyses that will allow senior management to make informed decisions based on resulting risk data.
Provide data input into the ECS Heat Map Team.
Work with Product Area/Squad leaders to drive lasting security decisions which will substantially mitigate Fidelity’s cyber risk.
Evaluate multiple sources, reports, industry trends to compare risk related findings to existing ECS policies and uncover gaps and opportunities for process improvement.
Determine what, who, and where changes are warranted to close gaps, working with appropriate contacts to draft policy enhancement ensuring continued progress.

Requirements

What you’ll need

Minimum 5-7 years of risk experience quantifying cyber risk scenarios and presenting data in a meaningful and insightful way to senior leaders.
Demonstrated experience in cybersecurity risk management.
Experience managing projects end-to-end, from initial stages of acquiring data from multiple sources and SMEs, to the tracking, maintenance, and closure of a project, with proven ability to integrate data into risk analysis tools and communicate progress effectively across multiple lines and levels.
Advanced understanding of NIST 800-53 Cybersecurity Framework and FAIR.
CISSP, CCSP, OpenFAIR certifications preferred.
Effective communication and excellent presentation skills to senior leaders.
Ability to deep dive into metrics that will both (1) quantify the work being done and (2) quantify how cyber risk position has improved.
Critical thinking skills to ask detailed questions and fully vet answers to uncover discrepancies and gaps others may not have found is a must.
Ability to work across business lines to influence, motivate change and help mitigate cyber risk.
Advanced understanding of risks pertaining to the following: cloud security, access controls, encryption, vendor security, data exfiltration, application security, perimeter security, customer protection, privileged access, denial of service, unpatched vulnerabilities, and end of life software.
Mathematical/statistic mindset.
Investigator approach to deep dive into metrics to understand and communicate actionable risk to senior leadership.

Benefits

Comp & perks

comprehensive health care coverage and emotional well-being support
market-leading retirement
generous paid time off and parental leave
charitable giving employee match program
educational assistance including student loan repayment, tuition reimbursement, and learning resources to develop your career

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cyber risk analysisrisk quantificationrisk managementproject managementdata integrationNIST 800-53FAIRcloud securityencryptionapplication security

Soft Skills

effective communicationpresentation skillscritical thinkinginfluencingmotivating changeanalytical mindsetinvestigative approachcollaborationproblem-solvingdetail-oriented

Certifications

CISSPCCSPOpenFAIR