About the Role:
Our Information Security team is looking for a Senior Information Security Engineer to join to join our Cyber Resiliency function. The individual in this role will participate in execute, support and lead Exercise Enablement within Cyber Resiliency, and remains integrated with Enterprise Business Resiliency framework.
The individual in this role will be liaising with Cyber Defense teams to include Cyber Threat scenarios into integrated testing exercises to validate established business resiliency objectives. The individual in this role will have practical experience in handling and execution cyber resilience requirements at an enterprise level.
The candidate will have experience in the areas Information technology and recovery planning; testing of plans and linkages to business continuity by supporting development and execution of realistic cyber exercise scenarios which can simulate disruptions in business functions.
In this role, you will -
- Direct the participation of leadership and lines of businesses in exercises and compliance with testing
- Direct & Execute Cyber Resiliency scope across: Integrated Exercises; Clean Rebuild Exercises; Offline Backup Recovery and Validation Testing (BRVT) Data Recovery Exercises; and Data Vault Exercises
- Make decisions in highly complex and multifaceted situations requiring solid understanding of domain and technology applications
- Collaborate & consult with business and technology teams to provide comprehensive technological solutions for complex problems
- Ensure communication flow between the teams involved in the cyber resiliency exercises
- Play a critical role in transforming the cyber resiliency of the businesses and functions by evaluating capabilities, identifying weaknesses, and providing guidance on improvements
- Ensure alignment of Cyber Resiliency Exercise scope and objectives to Enterprise Exercise plans and schedule
- Engage and secure application with platform support team’s exercise participation
- Coordinate and influence across all stakeholders (EBCP, TRDR, etc.)
- Validate execution steps to documented procedures and validate results
- Ensure gaps are captured and documented within After Action reports
- Coordinate with Technology Resiliency Gap Remediation team to ensure gaps are properly dispositioned
- Capture learnings to drive continuous improvement of Exercise Strategy and Plans
- 8+ years of strong experience in the areas such as cyber resilience and related activities, disaster recovery, handling table top exercises and preparing AAR.
- Hands-on experience with information security and expert understanding of cyber resilience requirements at an enterprise level
- Knowledge on handling and managing table top exercises and producing After Action Reports (AAR).
- Experience in assessing recovery capabilities and report on status to stakeholders.
- Drive Resiliency and Disaster recovery programs for the organization while working closely with cyber security and defense, technology and business continuity functions
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
- Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting.
- Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
- Bachelor’s and/or Master’s degree in computer science or information systems
- Experience and knowledge of Crisis management will be an added advantage.
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
- Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
- Cyber Security concepts, NIST framework for cyber security & cyber resiliency
- Cloud Security Concepts and experience on Azure, AWS or GCP
- Cyber Risk Assessment & Management
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.