Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume prior to submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as 'Personal Cell' or 'Cellular' in the contact information of your application.
At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology is a team of more than 40,000 information technology and security professionals who help keep Wells Fargo at the forefront of America's diversified financial services companies. Employees execute an engineering-led IT strategy to deliver stable, secure, scalable and innovative services that provide Wells Fargo global customers 'round-the-clock' banking access through in-store, online, ATM, and other channels. Wells Fargo Technology plays a critical role in the company's customer and employee experience, business and risk management transformation, and growth agenda.
Technology Control resides within the Wells Fargo Technology (WFT) organization. Its functions improve how we own, assess, manage, and report technology risks, while ensuring that we have strong technology risk expertise, employ the concept of risk management as a utility – operationalizing for efficiency, and move us to progressive risk management based on data and analytical processes.
Core Job Responsibilities
Support risk management framework for processes, risks and controls to support demonstrated regulatory coverage of Information and Cyber Security (ICS) obligations
Optimize the inventory of ICS laws, rules, and regulations to supporting technologies to effectively address risks in alignment with the organization's risk appetite and to meet compliance requirements
Translate information security risk and compliance legislation, regulation and industry guidance into concise Technology obligations to inform policy and control requirements
Analyze regulatory changes to identify applicability to ICS applicable ICS laws, rules, and consult risk owners regarding impact
Partner with risk owners to help identify changes to the control environment required by new/modified obligations and monitor/report on progress requirements and propose changes to improve the organization's security, risk and compliance posture
Develop an understanding of enterprise Understanding of enterprise regulatory requirements and industry guidance applicable to financial institutions
Evaluating the adequacy of requirement language to aligned controls
Provide oversight and monitoring of gap remediation process for assigned division(s)
Provide guidance to partners on ICS topics in support of policies and obligations
7+ years of experience in risk management (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management) or 7+ years of financial services industry experience, of which 5+ years must include direct experience in risk management
Certified Internal Auditor (CIA), Certified Information Systems Auditor, (CISA) Certification in Control Self-Assessment (CCSA), Certified Information Systems Security Professional, (CISSP) or other risk management discipline certification
Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
Advanced Microsoft Office skills
Excellent verbal, written, and interpersonal communication skills
Good analytical skills with high attention to detail and accuracy
Other Desired Qualifications
7+ Years risk management experience with demonstrated leadership skills and ability to mature risk management programs
Demonstrated knowledge of Technology and Security risk framework – NIST, ITIL, COSO, BASEL, FedRAMP, PCI, COBIT, FFIEC and OCC Heightened Standards
Thorough understanding of SOX, GDPR, and the California Consumer Privacy Act (CCPA)
Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption, and key management, logging and monitoring and application security
Familiarity with cloud-based environments and technologies with associated auditing methodologies
Information Security audit/audit consulting experience
Strong risk and control fundamentals, knowledge of risk framework and methodologies
Knows when to act independently and when to influence the decision making process
Reviews own work product for completeness and accuracy against a set of criteria
Program execution experience
Demonstrated collaboration skills, especially with difficult topics when partnering with senior management. This includes the willingness and ability to question decisions, understand direction and escalate issues, where necessary.
Demonstrated experience with both strategic and tactical approaches to risk management.
Experience identifying and assessing regulatory compliance risk associated with Technology
Experience within an Enterprise Technology function or Technology Risk function with demonstrated knowledge of, technology systems, applications and associated risks
Experience with developing and implementing automation for controls and compliance is preferred
Understanding of security metrics and creation of useful dashboards for management review and consumption
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,400 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 260,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
www.wellsfargo.com | Twitter: @WellsFargo