Senior Threat Response Engineer, Security Operations

Security Operations | Full Time | Remote | Senior | Team 10,001+ | H1B Sponsor

Location

California

Posted

45 days ago

Salary

$159.8K - $235K / year

Seniority

Senior

Bachelor Degree | 5 yrs exp | English | Linux | MacOS

Job Description

DoorDash

  • Monitor, analyze, and correlate security alerts, logs, and events from various sources
  • Lead investigation and containment of security incidents, as incident handler
  • Prepare post-mortem reports and conduct lessons learned
  • Develop and maintain incident response playbooks and processes
  • Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
  • Lead or participate in security tool proof-of-concepts and documentation
  • Identify opportunities for alert development based on threats to DoorDash
  • Conduct threat hunting
  • Lead training or other education and awareness opportunities for the enterprise as required
  • Use monitoring and detection platforms to investigate anomalous activity for potential insider risk
  • Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors
  • Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures
  • Participate in and support on-call rotation

Job Requirements

  • 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations
  • Experience working with Global partners in a follow-the-sun model
  • Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
  • Experience with AI / LLM technologies to help enrich and automate security operational processes
  • Computer forensics, including analysing Linux and MacOS systems
  • Working knowledge of a scripting language
  • Exceptional analytical and investigative abilities
  • Experience partnering with cross functional teams to support an investigation
  • Excellent understanding of information security operations related frameworks and standards (e.g., MITRE ATT&CK and NIST)
  • Excellent verbal and written communication, presentation, and stakeholder management skills

Benefits

  • 401(k) plan with employer matching
  • 16 weeks of paid parental leave
  • Wellness benefits
  • Commuter benefits match
  • Paid time off
  • Paid sick leave in compliance with applicable laws
  • Medical benefits
  • Dental benefits
  • Vision benefits
  • 11 paid holidays
  • Disability insurance
  • Basic life insurance
  • Family-forming assistance
  • Mental health program

More Security Operations Jobs

Full Time | Remote | Team 1,001-5,000 | Since 1973 | H1B No Sponsor

  • Lead and mentor a global team of threat engineers focused on one or more of the following disciplines: threat detection, threat emulation, threat intelligence, and incident response.
  • Supervise all aspects of the team including hiring, training, evaluating, and coaching.
  • Foster a culture of technical excellence, collaboration, and continuous improvement
  • Manage team training, development, and staffing to ensure readiness for current and emerging threats
  • Lead threat engineering efforts that develop, deploy, and operate tools and services that enable the team's ability to detect and respond to cybersecurity threats
  • Collaborate with other Threat Management teams to ensure alignment with strategic objectives and to drive operational effectiveness
  • Provide detailed technical insights and recommendations to security leadership.
  • Develop and report metrics for reporting at an organizational, company, and/or Executive level.

Ireland
Job Closed
Full Time | Remote | Team 1-10 | Since 1989 | H1B No Sponsor

  • Own the operational backbone of Detection & Response (D&R): intake, triage, investigation flow, reporting, and MDR oversight.
  • Redesign processes, write code to eliminate toil, and leverage AI to make the team faster.
  • Engage partners effectively, ensuring D&R delivers on its mission.
  • Ensures detections flow into operational processes, manages investigations and incidents.

United States
$450K - $600K / year
Global Security Operations Center Lead Specialist

Fidelity Investments

Founded in 1946 and headquartered in Boston, Massachusetts, Fidelity Investments is a financial services corporation specializing in investment management, retirement planning, and

Title: GSOC Lead Specialist
Location: 2 Contra Way, Merrimack NH
Full-time
Hybrid

Job Description: Fidelity Global Security Operations Center (GSOC) – Lead Specialist

The Role

The GSOC Lead Specialist is responsible for providing support in security/fire/life safety alarm monitoring; Threat Assessment and intelligence gathering, video monitoring, incident management, travel safety and dispatching Fidelity security or public safety personnel to corporate locations.

Responsibilities:

  • As a senior member of the operations center team, the Lead Specialist will be responsible for assisting management in coordinating Fidelity’s security response to incidents that occur at or near corporate locations/events by using appropriate communication methods. Responses may be to medical emergencies, criminal activity, fire, duress alarms. Lead Analysts will liaise with law enforcement, fire, or other public safety organizations related to emergencies on or near corporate locations.
  • Review, analyze and disseminate open-source and subscription-based intelligence to help mitigate and report global threats to corporate locations, associates, and stakeholders.
  • Document, assess, and report on instances of possible threats in the workplace. Coordinate with management regarding escalated cases.
  • Support the Travel Security program through monitoring of associate travel and analyze events of concern or elevated risk. Act as primary contact for travel security incident management.
  • Report out of the ordinary or abnormal conditions to the corporation’s security personnel, management, associates, contractors, and facilities organization.
  • Receive, evaluate, and disseminate information and reports from internal business groups and local agencies.
  • Develop concise, fact-based incident reports for distribution to various Fidelity stakeholders.
  • Coordinate service requests for afterhours access to Fidelity offices.
  • Play an integral role in helping to develop new security, incident management, and intelligence gathering processes.
  • Refine existing GSOC response and escalation procedures.
  • Responsible to lead the on-duty shift when delegated by management.
  • Support and mentor junior personnel to enhance proficiency with GSOC technology resources, processes, and procedures.

The Expertise and Skills You Bring

  • 3 years of full-time experience in a security function, preferably in an operations or control center assignment.
  • Previous life safety or incident management training preferred.
  • Bachelor’s Degree preferred.
  • Computer proficiency with Microsoft Office suite of products.
  • Demonstrated experience in the use of Alarm Monitoring, Access Control, Video Management, and Crisis Communication technology.
  • Ability to work in a flexible scheduling environment (rotating shifts, nights, weekends, and holidays).
  • Experience collecting, analyzing, and disseminating open source or subscription-based intelligence.
  • Providing excellent customer service in a high call volume environment
  • Ability to work in a fast-paced organization; coordinate and manage multiple tasks with limited supervision.
  • Must be able to communicate effectively with all levels of the corporation.

Note: Fidelity will not provide immigration sponsorship for this position.

Category: Security

Most roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles. Some roles may have unique onsite requirements. Please consult with your recruiter for the specific expectations for this position.

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

New Hampshire
SecOps Engineer

Gravity Team

Quantitative Cryptocurrency Trading Firm and Liquidity Provider

Full Time | Remote | Team 11-50 | Since 2017 | H1B No Sponsor

  • Own the detection and response lifecycle across our security stack
  • Author, test, tune, and maintain detection rules in CrowdStrike NGSIEM using CQL
  • Map detection coverage to MITRE ATT&CK and identify gaps
  • Build detection logic informed by real-world TTPs
  • Develop and maintain Falcon Fusion SOAR playbooks for automated enrichment, containment, and triage workflows
  • Manage IOC correlation using CrowdStrike's native CTI and external threat intelligence feeds
  • Investigate security events using CrowdStrike XDR and perform technical analysis of threat events
  • Support incident triage and coordinate with internal teams during high-severity incidents

Latvia