Job Description

Job Posting - Team Manager, Cybersecurity

This is a hybrid role with a mix of remote and in-office working

a

At Fidelity, we’ve been helping Canadian investors build better financial futures for over 35 years. We offer individuals and institutions a range of trusted investment portfolios and services - and we’re constantly seeking to find new and better ways to help our clients. As a privately owned company, we boldly embrace innovation in all areas as we continue to grow our business into the future.

Working with us means you’ll be part of a diverse and dedicated group of people who make a real difference for our clients and communities every day. You’ll have a wide range of opportunities to grow and develop your career in an inclusive environment where you’ll feel valued and supported to be your best - both personally and professionally.

Business Overview:

This role reports to the Manager, Information Security and Risk.

The Cybersecurity Team Manager supports the risk mitigation efforts of Fidelity’s Cyber Defense Operations (CDO) under the Information Security and Technology Risk group to safeguard and protect our information assets and critical data from current and emerging Cyber threats. The Cybersecurity Team Manager will apply their Cybersecurity skills and knowledge in the day-to-day management of CDO, including but not limited to, team management, reporting, executing Cyber management processes to respond to incidents, maintenance of various security tools and technologies such as advanced malware detection, DDoS, IDS/IPS, DLP, Anti-spam as well as other Cyber. The ideal candidate has experience using a wide range of technologies to respond to Cybersecurity events.

How You'll Make an Impact:

Ensure computing platform compliance with Cybersecurity policies and directives:

• Use provided tools to perform continuous monitoring and analysis of system activity to identify malicious activity and configure mitigations.
• Coordinate with other departments to manage and administer the updating of rules and signatures across the information security stack (e.g. intrusion detection/protection systems, anti-virus, and content blacklists).
• Identify and recommend actions to address vulnerabilities in the computing environment or inconsistencies in existing security processes.
• Meets departmental SLAs & and targets relating to CDO functions.
• Meet compliance requirements and deadlines on Patching/Upgrades, Anti-virus/Anti-spyware, data loss protection events, vulnerability scanning etc.

Lead Red and Blue Team exercises:

• Conduct research, trend analysis, correlation, and reporting across a wide variety of internal and external source data sets (e.g., network, OS, DB, and application logs and alerts).
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
• Participate in projects, reviews, and meetings, and provide guidance and feedback on security policies and issues.
• Maintain and support risk-based (NIST) framework data and templates to accurately score applications and systems.
• Implement and support compliance directives based on risk scores (NIST).

Lead Cybersecurity Incident Management:

• Lead the triage, investigation, and response of Cybersecurity incidents.
• Analyze identified malicious activity in the computing environment to determine weaknesses exploited, exploitation methods, and effects on systems and information.
• Prioritize and assign tasks to other team members as appropriate.
• Managing and responding to cybersecurity events and incidents.
• Monitor the progress of remediation activities.
• Communicating with management accurately and appropriately.
• Coaching and mentoring team of Cyber Analyst for continued development and results.
• Coordinating activities with other CDO teams and IT groups in Canada and FIL to ensure overall quality & and timeliness of deliverables.

Support Risk Mitigation and Remediation:

• Support Cybersecurity risk mitigation efforts primarily through technical support of processes established to safeguard information assets.
• Develop and maintain scripts for the automation of various CDO tools and processes. -
• Develop and maintain reporting.
• Provide application support for CDO tools.
• Support IT projects from a security perspective.
• Advise on Cybersecurity policies, industry standards, best practices, and strategies.
• Improve employee awareness of Cybersecurity risks, threats, and processes.

Develop, Manage and Build Effective Team:

• Meet weekly with staff members and support and coach them in their day-to-day work, career development, and developmental goals.
• Objectively evaluate employee performance.
• Give timely and constructive feedback.
• Address performance issues in a timely and direct manner.
• Meet weekly with staff members and support and coach them in their day-to-day.

What We Are Looking For:

• Minimum Five (5) years of experience as a Cybersecurity analyst, Information systems security administrator, or specialized expertise in cyber incident management, intelligence, analytics, and audit.
• Two (2) years of experience of management experience in Cybersecurity (preferable in SOC environment).
• Strong organizational skills, must be able to handle multiple initiatives/tasks at the same time.
• Must be detail-oriented and process-driven.
• Nice to have - Banking, finance, or wealth management industry related experience.

The Expertise You Bring:

• Proficient and demonstrated experience in managing network security, UNIX and Windows operating systems security and Database security. Scripting knowledge of PowerShell, SQL, Excel VBA.
• Excellent knowledge of Cybersecurity detection and respond methodologies, standards and best practices.
• Knowledge of security threats, common attack vectors and the use of security tools to monitor the technology infrastructure and computing environment.
• Understanding of complex, enterprise-wide information systems security architecture and how network, application, and host-based security controls work.
• Understanding of the underlying protocols including HTTP, HTTPS, SQL, TCP/IP, Active Directory. Experience in Cloud Security and integration (preferably AWS).
• Knowledge and experience working with PCI-DSS, ISO 27000 standards, ITIL, NIST Cybersecurity Framework.
• Good understanding of systems development life cycle and secure application development.
• Knowledge of business continuity, disaster recovery, and resiliency.
• Advanced analytical reporting capability.
• In-depth understanding of IT infrastructure and application technologies.

Current work authorization for Canada is required for all openings.

Fidelity Canada is an equal opportunity employer

Fidelity Canada is committed to fostering a diverse and inclusive workplace. We will consider all qualified applicants for employment regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national or ethnic origin, age, disability, family status, protected veterans’ status, Aboriginal/Native American status or any other legally-protected ground.

Accommodation during the application process

Fidelity Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in the selection process. If you require an accommodation, please email us at FidelityCanadaStaffing@fidelity.ca.

No telephone inquiries or agencies please. We thank all applicants for their interest, please be advised that only those selected for an interview will be contacted.

Why Work at Fidelity?

We are proud to be recipients of the following:

Awards

• Canada's Top 100 Employers
  o Greater Toronto's Top Employers
  o Canada's Top Family-Friendly Employers
  o Canada's Top Employers for Young People

Great Place To Work™ Certified
o Best Workplaces for Inclusion
o Best Workplaces for Mental Wellness
o Best Workplaces for Today's Youth
o Best Workplaces for Women
o Best Workplaces in Financial Services & Insurance
o Best Workplaces in Ontario

Human Resource Director (HRD) - Best Place To Work
o HRD - 5-Star Benefit Program
o HRD - 5-Star Diversity & Inclusion Employer

• Canadian Compassionate Companies – Certified
• Benefits Canada's Workplace Benefits Award - Future of Work Strategy
• TalentEgg National Recruitment Excellence Award - Special Award for Diversity & Inclusion in Recruiting

Designations

• A Canadian Compassionate Company
• Great Place to Work (Dec 2022 - Nov 2023)
• Best Workplaces for Women 2023 by Great Place to Work