Principal, External Audit Engagement
Job Description:
Note: Fidelity will not provide immigration sponsorship for this position
The Role
Are you ready to take on a meaningful role at Fidelity Investments, ensuring our cybersecurity controls are second to none? The Fidelity Enterprise Cybersecurity Regulatory and Audit Team is seeking a Principal, External Audit Engagement to play a major role in our engagements with independent third-party audit firms. You will demonstrate adherence to leading industry frameworks, ensuring our control environment is flawless. Success in this role will be showcased through well-managed external audit engagements resulting in unqualified opinions and certifications of Fidelity’s cyber control environment.
The Expertise and Skills You Bring
Proven knowledge of IT risk and cybersecurity functions and their importance to Fidelity’s mission.
Extensive knowledge of audited cybersecurity frameworks and standards, including AICPA’s SOC 1, SOC 2, and SOC 3, PCI-DSS, HITRUST, Swift CSP and ISO/IEC 27000 family.
Experience managing projects end-to-end with a clear ability to communicate progress effectively.
Understanding of NIST Cybersecurity Framework core standards.
Bachelor’s degree in a technology or computer science subject area, or equivalent experience, is preferred.
Minimum 5 years working in IT assurance for a Big 4 or similar audit firm, with experience serving Fortune 500 clients.
Possession of cybersecurity certifications is a plus.
Prior experience in a cybersecurity role, IT audit, or IT risk role.
The Team
We, the Cyber Regulatory and Audit Team within Enterprise Cybersecurity’s Information Security Office, are dedicated to knowing the external requirements and standards to which Fidelity is held. We ensure that Fidelity ECS has the appropriate policies and controls aligned to these standards. Our team engages external assessors and examination staff to provide evidence of control, helping to maintain our relentless dedication to our clients.
Fidelity’s Onsite Working Model
Fidelity is transitioning to a full-time onsite working model through a phased rollout across regions and roles. Currently, some roles and locations require 100% onsite presence, while others require less. Onsite expectations are likely to evolve as the rollout continues. This transition does not apply to fully remote roles.
Placement in the range will vary based on job responsibilities and scope, geographic location, candidate’s relevant experience, and other factors.
Base salary is only part of the total compensation package. Depending on the position and eligibility requirements, the offer package may also include bonus or other variable compensation.
We offer a wide range of benefits to meet your evolving needs and help you live your best life at work and at home. These benefits include comprehensive health care coverage and emotional well-being support, market-leading retirement, generous paid time off and parental leave, charitable giving employee match program, and educational assistance including student loan repayment, tuition reimbursement, and learning resources to develop your career. Note, the application window closes when the position is filled or unposted.
Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

