Technical Consultant - Technology Controls Assurance

Job Description

Title                 Technical Consultant - Technology Controls Assurance

Department      Technology Controls Assurance

Location          Gurgaon

Reports To       Associate Director - Technology Risk & Assurance

Level                Grade 5

We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of working to put our clients first. So, bring your boldest ideas to our Technology Controls Assurance (TCA) team and feel like you’re making progress

About your team

The Technology Controls Assurance (TCA) team is part of the Non‑Financial Risk & Enterprise Resilience function, a centralized global team responsible for providing independent assurance over Technology risk and compliance across Business and Technology functions. The team works closely with internal stakeholders, internal audit, and external auditors.

The scope of the TCA team includes maintaining oversight of coverage and compliance against Technology Policies and Standards; facilitating external audits and certifications to industry standards (such as ISO); supporting client‑led technology audits and responding to client questionnaires across Technology domains; and governing Technology controls, including monitoring, assessment coordination, and verification to ensure controls across Enterprise Technology functions are operating effectively.

About your role
As a Technical Consultant – Technology Controls Assurance, you will act as the operational owner of the Technology Policy Framework (TPF) support, accountable for ensuring technology controls compliance, audit readiness, and regulatory defensibility across Technology domains.

The role owns the end‑to‑end execution and continuous evolution of control onboarding, mapping, and assurance within enterprise GRC tooling (ServiceNow IRM), ensuring that Technology Policies and Standards are translated into testable, auditable, and regulatory compliant controls. You will work closely with Technology policy leads, standard owners, control owners to ensure consistent interpretation, implementation, and evidence standards across the organization.

This role will be responsible for control design sufficiency, mapping standards, assurance prioritisation, and resolution of conflicts between Technology teams, policy expectations, and audit or regulatory requirements. A core part of the role is to reduce manual effort, strengthen governance, and scale assurance capability as regulatory and enterprise scope expands (e.g. DORA, Resilience, and Industry standards -NIST, ISO, AAF)

About you

Your key accountabilities in this role would be:

• Own and govern Technology control onboarding across Technology Policies and Standards, ensuring controls are accurately designed, mapped, and maintained in ServiceNow IRM.
• Define and enforce standards for control descriptions, mappings, and evidence sufficiency to ensure audit‑ and regulator‑defensible outcomes.
• Lead engagement with Technology policy leads, standard owners, and control owners to drive accountability, resolve interpretation issues, and ensure sustained compliance.
• Exercise judgement and decision‑making during internal and external audits, including resolving challenges on control design, coverage, and evidence expectations.
• Maintain governance over Technology Policy Framework assurance, including continuous assessment, compliance reporting, and issue tracking.
• Own data quality, integrity, and consistency of compliance content within ServiceNow IRM, ensuring reporting accuracy and traceability.
• Drive enhancement and optimisation of the assurance operating model, including automation, reduction of manual overhead, and scalable processes as regulatory scope grows.
• Oversee BAU compliance reporting and analytics, including PowerBI dashboards, alerts, and data integrations from internal and external sources.
• Maintain and evolve the TPF operating model, ensuring clarity of roles, processes, and tooling to enable consistent enterprise adoption.
• Provide training, guidance, and oversight to stakeholders to enable effective use of GRC tools and sustained policy adherence.

Skills and experience:

• Extensive experience in Technology Risk, Control Assurance, and Regulatory Compliance, operating at enterprise and audit‑facing levels.
• Strong hands‑on expertise in ServiceNow IRM, including data models, control frameworks, reporting structures, and platform governance.
• Proven ability to interpret and operationalise regulatory and industry frameworks such as ISO 27001, NIST, ITIL, and emerging regulatory requirements (e.g. DORA).
• Demonstrated experience in assurance reporting and analytics, including PowerBI, platform analytics, and control testing or reporting automation.
• Strong capability to influence and challenge senior stakeholders, resolve ambiguity, and drive outcomes across geographically distributed teams.
• Evidence of owning complex assurance processes, making risk‑based decisions, and balancing regulatory expectations with practical implementation.
• Excellent written and verbal communication skills, with the ability to clearly articulate complex control and compliance concepts to both technical and non‑technical audiences.
• Professional certifications in Risk, Audit, or Compliance are mandatory (e.g. CISA, CISM, ServiceNow IRM or equivalent).

Feel rewarded

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.