Information & Cyber Security (ICS) is part of Wells Fargo Technology organization. Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, ICS protects our infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. Our vision is to provide Wells Fargo with world-leading cyber security risk management.
About the Role
Responsible for providing information security expertise and proactive risk-based solutions to aligned business and/or applicable teams that report to aligned Business Information Security Office (BISO) so that information security risks are addressed in a timely manner.
- Works closely with the Regional Control and Risk teams to proactively identify needed security practices within the business.
- Provides technical understanding of existing and emerging information security risks.
- Assists with the monitoring, reporting and tracking of ICS programs within the business.
- Provides regional and business views to align Business Information Security Office (BISO) strategy.
- Evaluates the appropriateness of policy exceptions and risk acceptances.
- Assists the aligned Business ISO with providing strategic-level consultation to managers and stakeholders regarding long and short range information security risk/requirements.
- Recommends innovations that anticipate future directions of both the business, Information Technology and Information Security.
- Understand the regional local regulatory requirements and how these regulations impact Information Security risk within the region.
- Provide coverage / support for other regions in different time zones (i.e. US timezone).
- Coordinate vulnerability assessments and provide oversight in LOBs 3rd party IS assessments for the region.
- BS/BA degree or higher in science or technology
- 6+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both;
- Or 6+ years of IT systems security, business process management or financial services industry experience, of which 3+ years must include direct experience in compliance, operational risk management, or a combination of both
- 5+ years of information security experience
- 6+ years of Information Security Frameworks and standards (FFIEC, NIST, ISO) experience
- Strong analytical skills with high attention to detail and accuracy
- Ability to interact with all levels of an organization
- Ability to influence and build relationships with LOB stakeholders, technology CIO leadership, external service providers, and architecture teams
- Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
- Ability to articulate issues, risks, and proposed solutions to various levels of staff and management
- Virtual leadership experience with ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
- Ability to travel if require
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.