The global cybersecurity & Information security department is a part of the Global Technology department. The Technology function provides IT services to the Fidelity International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, and marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Global cybersecurity & Information security (GCIS) is responsible for:
Protecting the Technology Environment from internal and external security threats,
Purpose of your role The Information Security Senior Analyst is responsible for ensuring that information security risk is managed effectively within Fidelity International entities in Germany, including FIL Fondsbank GmbH, that holds a full bank license under BaFin. This will be achieved by implementing the FIL wide framework of policies and standards and ensuring that staff are aware of the risks relating to information security. The information security team safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the function is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards.
The role will require close working relationships alongside Information Security Officers in Germany, and Information Security teams in UK, Europe, India and Asia. In addition, the role will collaborate regularly with the wider technology team, risk management, business operations, oversight functions and human resources.
Your key accountabilities
Support the organization-wide Information Security Management System (ISMS) in accordance with ISO/IEC 27001 Standards, thereby ensuring continuous ISO27001 accreditation.
Take an active role in global FIL information security projects and initiatives.
Collaborate with local Technology and business functions to achieve compliance to the controls
Participating in vendor contracts` reviews and ensuring that relevant security controls are included in the contracts
Helping to assess protection requirements of business processes and applications
Performing regular gap analysis based on the target measures catalogue
Updating local information security policies on a regular basis
Work with the wider security team to manage exceptions to the controls, preparing any required documentation, advising management of decisions and tracking any agreed rectification plans through to completion
Contribute general and German based risks to the information security risk register
Support the FIL security training and awareness programme
Support a prioritised security programme to address key local security issues
Provide operational and compliance reporting including issues escalation to management as required
Preparation of regular senior management reporting and metrics.
Build good working relationships with security and oversight colleagues across FFB and FIL globally
Understand the security industry leveraging best practice for FIL
Follow related legislation and regulation and to liaise with other functions to manage any resultant gaps or inconsistences
Prepare any required reports and minutes of meetings.
Your skills and experience
Experience in Information Security in an organisation, preferably Financial Services.
Detailed work experience of information security policies, standards, controls and frameworks
Understanding of German data protection, privacy and practices is desired
Familiar with relevant information security standards such as ISO 27001 or NIST
General understanding of IT security principles.
Ability to plan, organise, co-ordinate and work well under pressure without supervision
This role requires liaison with senior people both within the organisation and externally. The candidate will be required to be professional, confident, confidential and discreet
An eye for detail with ability to produce accurate, well-structured reports according to deadlines
Innovative and team worker
Excellent desktop skills, especially office 365.
Fluent in English and German, spoken and written; other languages advantageous.
Related graduate degree
Certified ISO 27001 lead implementer or auditor preferred
Further professional qualifications an advantage, e.g. Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP),
About Fidelity International Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $611.4 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.
Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $471 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.
Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more.
As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond. Data as at 30 September 2020. Read more at https://www.fidelityinternational.com/
Applying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen.