Job Description:

The mission of the Secure Software Development Lifecycle team (SSDLC) is to protect Fidelity's assets and our customers’ livelihoods from the threat of exploitation by malicious adversaries.

The SSDLC team does this by proactively helping developers to Identify vulnerabilities in our systems and serving as subject matter experts to enable the business units to mitigate them in a positive, collaborative, innovative manner.  The team does this by providing training and tooling to teams to enable them to seamlessly integrate security into all stages of the development pipeline.

Our Vision

We aspire to be a best-in-class SSDLC team, with fully engaged, passionate members.

Producing high-quality work in a consistent, effective, efficient, customer-oriented manner.

Providing competitive advantage to the firm and serving as a differentiator in the marketplace.

Serving as a role model for others across the Enterprise and wider industry.

And driving advancement and research in the cybersecurity space.

Fidelity has a large and diverse portfolio of products.  This provides a varied and interesting role giving the team the opportunity to work on a multitude of different areas of the business.

The Role

You will join a highly skilled team of subject matter experts to help enable the development community to build secure applications

You will research, develop and document, technical guidance and best practices for emerging technologies to help teams build secure applications

You will research and understand the technologies in use by Fidelity to support our crypto currency capabilities. You will monitor published vulnerabilities in those technologies and provide leadership on the impact of those vulnerabilities and guidance on how to remediate.

You will build secure reference applications for emerging technologies in use, to aid teams in adopting a secure by default approach

You will perform secure architecture reviews for mission critical applications to ensure they are secure by design

You will design and develop training material for new technologies to help them avoid common security issues

You will partner with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's detective capabilities, applications, and infrastructure.

The Expertise and Skills You Bring

Bachelor’s degree or equivalent experience

10+ years of IT experience

7+ years hands-on experience working within the Application Security domain

Experience with cryptocurrency and block chain technologies

Strong development/architecture experience

Expert level technical knowledge of application and network security vulnerabilities and best-practices.

Proven analytical and problem-solving skills, as well as the desire to assist others in solving issues

Highly motivated with the willingness to take ownership / responsibility for your work and the ability to work alone or as part of a team.

Preferred: Exploit and tool development experience

Preferred: OSCP, OSCE, GPEN, GXPN, CISSP, or other industry recognized security certification

The Team

The Secure Software Development Lifecycle (SSDLC) team is part of Enterprise Cyber Security (ECS) and drives secure application design for the Enterprise. Additionally, the SSDLC team provides technical security guidance and training to the development community within Fidelity.

Certifications:

Company Overview

Fidelity Investments is a privately held company with a mission to strengthen the financial well-being of our clients. We help people invest and plan for their future. We assist companies and non-profit organizations in delivering benefits to their employees. And we provide institutions and independent advisors with investment and technology solutions to help invest their own clients’ money.

Join Us

At Fidelity, you’ll find endless opportunities to build a meaningful career that positively impacts peoples’ lives, including yours. You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home. Honored with a Glassdoor Employees’ Choice Award(opens in a new tab), we have been recognized by our employees as a Best Place to Work in 2022. And you don’t need a finance background to succeed at Fidelity—we offer a range of opportunities for learning so you can build the career you’ve always imagined.

As a result of COVID-19, many of our associates are continuing to work remotely. When Fidelity employees eventually return to the office, our goal is for most people to work flexibly in a way that balances both personal and business needs with time onsite and offsite through what we’re calling “Dynamic Working(opens in a new tab).” 

We invite you to Find Your Fidelity at fidelitycareers.com.

Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation, contact the HR Leave of Absence/Accommodation Team by sending an email to accommodations @fmr.com, or by calling 800-835-5099, prompt 2, option 2.