Westlake, TX, US
9 hours ago
Cybersecurity Vulnerability Disclosure Analyst
Job Description:

Are you looking for an opportunity to innovate, pursue new technologies, solve problems, and contribute to high-profile projects? Do you want to join a firm that’s making significant annual investment in technology? Then you’ve found the right place.

Fidelity has new opportunities for Cybersecurity Vulnerability Assessors to assist with our Vulnerability Disclosure Team. You’ll have full access to virtual training and learning opportunities, plus dynamic working resources to help you stay connected.

The Vulnerability Disclosure Team’s mission is to protect Fidelity's assets and our customers’ livelihoods from the threat of exploitation by malicious adversaries.

This is done by proactively enabling third party security researchers to identify and responsibly disclose vulnerabilities in our systems in a positive, coordinated, and innovative manner.

The team works closely with several teams in our AppSec space.

Our Vision

- We aspire to be a best-in-class responsible disclosure team, with fully engaged, passionate members.
- Producing high-quality work in a consistent, effective, efficient, customer-oriented manner.
- Providing competitive advantage to the firm and serving as a differentiator in the marketplace.
- Serving as a role model for others across the Enterprise and wider industry.

Fidelity has a large and diverse portfolio of products. This provides for a varied and exciting role by giving the team the opportunity to work across a multitude of different areas of the business.

The Role

- You will interact directly and indirectly with security researchers outside of Fidelity to discuss vulnerabilities and their impact on our environment.
- You will research and reproduce the security vulnerabilities reported through the program and develop timely remediation plans in collaboration with technical leadership across the business.
- You will develop, document, and operationalize the procedures necessary to action and respond to externally sourced security reports.
- You will communicate program results and trend analysis with stakeholders on a regular cadence to ensure continuous improvement of the overall enterprise cybersecurity program.
- As opportunities present, you will partner with other programs within our security assessments space, to include the Pre-Release Assessment team, to support proactive assessments of our environment.

The Expertise and Skills You Bring

- Proficient technical knowledge of web applications and mobile technology.
- Increasing proficiency in common web application vulnerabilities and can successfully exploit trivial to moderate complexity attacks.
- Knowledge of how to defend against common web application vulnerabilities (OWASP Top 10).
- Increasing proficiency in a programming language, ability to read multiple programming languages, and basic frameworks.
- Knowledge of the essential features of tools used to validate reported vulnerabilities in code and running applications.
- Hands-on experience with web application penetration testing.
- Hands-on experience with bug bounty and vulnerability disclosure programs would be preferred.
- Highly motivated with the willingness to take ownership / responsibility for your work and the ability to work alone or as part of a team.
- Preferred: eWPT, eWPTX, CBBH, OSWE, or other industry recognized security certifications.

The Team

The Vulnerability Disclosure Team forms part of the Security Assessment group within Enterprise Cybersecurity (ECS). The goal of the Security Assessment group is to proactively identify and remediate vulnerabilities in Fidelity’s applications and infrastructure. We work very closely with all of the key Business Units to ensure that they remain secure while they deliver key projects to advance the firm.

Company Overview

Fidelity Investments is a privately held company with a mission to strengthen the financial well-being of our clients. We help people invest and plan for their future. We assist companies and non-profit organizations in delivering benefits to their employees. And we provide institutions and independent advisors with investment and technology solutions to help invest their own clients’ money.

Join Us

At Fidelity, you’ll find endless opportunities to build a meaningful career that positively impacts people’s lives, including yours. You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home. Honored with a Glassdoor Employees’ Choice Award, we have been recognized by our employees as a top 10 Best Place to Work in 2024. And you don’t need a finance background to succeed at Fidelity—we offer a range of opportunities for learning so you can build the career you’ve always imagined.

Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Having the majority of our associates work onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most roles listed as Hybrid will require associates to work onsite all business days of every other week in a Fidelity office. This does not apply to roles listed as Remote or Onsite.

At Fidelity, we value honesty, integrity, and the safety of our associates and customers within a heavily regulated industry. Certain roles may require candidates to go through a preliminary credit check during the screening process. Candidates who are presented with a Fidelity offer will need to go through a background investigation, detailed in this document, and may be asked to provide additional documentation as requested. This investigation includes but is not limited to a criminal, civil litigations and regulatory review, employment, education, and credit review (role dependent). These investigations will account for 7 years or more of history, depending on the role. Where permitted by federal or state law, Fidelity will also conduct a pre-employment drug screen, which will review for the following substances: Amphetamines, THC (marijuana), cocaine, opiates, phencyclidine.

We invite you to Find Your Fidelity at fidelitycareers.com.

Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation, contact the HR Accommodation Team by sending an email to accommodations@fmr.com.
