Principal Cybersecurity Consultant

Job Description:

Enterprise Cybersecurity (ECS) is seeking a Principal Cybersecurity Consultant to join the IAM Adoption Team. This role blends cybersecurity risk and data analysis with a focus on access controls, stakeholder collaboration, and proactive problem-solving. You will join a team of analysts tasked with strengthening Fidelity's access ecosystem by identifying control risks, expanding control coverage, and delivering actionable insights. We are looking for a critical thinker and clear communicator who can combine technical fluency (SQL, data visualization, IAM/PAM experience) with strategic execution in a complex environment.

The Expertise You Have and The Skills You Bring

• 8+ years of experience in a data-focused role within cybersecurity, risk, or access management
• Advanced proficiency in SQL, data visualization tools (PowerBI, Tableau), Excel, Confluence, and SharePoint
• In-depth experience with IAM/PAM concepts and platforms such as SailPoint, Azure AD, AWS IAM, Okta, CyberArk, HashiCorp, Delinea, BeyondTrust, or similar
• Proven ability to work independently, manage competing priorities, and engage with senior stakeholders
• Excellent written and verbal communication skills, with an ability to translate complex, technical data to diverse audiences
• Skilled in building repeatable, scalable data queries and dashboards that accelerate access remediation and improve visibility into control posture
• Experience in regulated industries such as financial services, healthcare, or banking
• Proven success in roles that required both technical execution (e.g., SQL, dashboarding, data validation) and strategic communication with cybersecurity and business leaders
• Background in audit readiness, control assurance, and/or risk quantification is a plus
• Bachelor's or Master's in a related field (Information Systems, Data Science, Cybersecurity, or similar)
• Identify and remediate access risks and control gaps by analyzing large datasets across IAM and PAM platforms
• Use SQL and other data tools to query systems, validate data quality, and evidence control coverage and gaps
• Leverage strong critical thinking with experience assessing platform designs for IAM compliance and identifying risks and solutions in non-standard implementations
• Design and optimize complex SQL queries and ETL pipelines to support large-scale data ingestion, transformation, and validation across diverse IAM/PAM systems
• Build dashboards and reports that communicate access risk posture, control coverage, and key metrics to cybersecurity and business leaders
• Collaborate with cybersecurity, operations, internal audit, product delivery, and application teams to translate and resolve control coverage findings
• Serve as a subject matter expert on access controls, privileged access, and identity governance data flows
• Drive continuous improvement by documenting current/future states and mentoring junior analysts
• Lead requirements gathering and write well-defined epics and stories with value-driven acceptance criteria
• Ask the right questions, challenge assumptions, and drive clarity in complex technical and business environments

• Relevant certifications include CIAM, CISSP, CISA, CISM, and CRISC
• Platform-specific credentials from SailPoint, CyberArk, or BeyondTrust are a plus
• Certifications such as CSPO, CSM, IIBA (CCBA, CBAP, POA) are a plus