At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Corporate Risk helps all Wells Fargo businesses identify and manage risk. We focus on three key risk areas: credit risk, operational risk, and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.
Enterprise Information Security (EIS) is part of Wells Fargo's Corporate Risk organization. Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, EIS protects our infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. Our vision is to provide Wells Fargo with world-leading cyber security risk management.
This Technology Risk Manager 1 will support the Enterprise Information Security program for Canada and/or Latin America.
Responsibilities will include:
- Leverage established relationships with business, technology, and risk partners to ensure that information security risks are appropriately identified and managed.
- Perform direct consultation with regionally aligned partners in Enterprise Information Security (EIS), Enterprise Information Technology (EIT), Information Risk Management (IRM) and Technology Risk Management Oversight (TRMO) to ensure information security risks are identified, discussed, dispositioned, appropriately mitigated and/or escalated for further review.
- Work closely with the Regional Risk Officer teams to review regional regulatory requirements to determine impact on IS programs and LOB activities in the Canada and/or Latin America region.
- Identify and report IS matters requiring escalation, track training and awareness compliance, and participate in reverse audit and regulatory response activities.
Specifically this Manager will focus on:
- Data Loss Protection/Compromised Data incidents within Canada and/or Latin America (DLP/CD).
- Data Loss Prevention/Compromised Data incident inputs/outputs including incident notification, reporting, stakeholder engagement and remediation.
- Activities surrounding Cyber Defense breach incidents within Canada and/or Latin America.
- Third Party Relationship Management program activities for Canada and/or Latin America including IS SME consultation, and IS policy compliance monitoring and remediation.
- Data analysis on regional regulatory requirements to determine impact on IS programs and LOB activities.
*All locations within the domestic United States will be considered, including telecommute.*Required Qualifications
- 3+ years of information security experience
- 3+ years of technology delivery and relationship management experience
- Data collection and reporting experience
- Information Security reporting and analysis experience
- Virtual leadership experience with ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
- Ability to deliver concise, time critical information to all levels of management, technology and business teams
- Ability to discuss and understand business needs/wants with non-technical people
- Ability to interpret technical requirements documents and system flows to translate into reporting requirements
- Ability to manage information governance policies and procedures
- Ability to translate and present complex technical data across technical and non-technical groups
- Ability to work and influence successfully within a matrix environment and build effective business partnerships with all levels of team members
- Ability to work effectively in virtual environment where key team members and partners are in various time zones and locations
- Knowledge and understanding of security and governance standards/policies
- Large-scale project management skills
- Strong organizational, multi-tasking, and prioritizing skills
- Strong relationship management skills
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC)
- Experience with financial services businesses in a regulated environment
- Experience developing and executing communication strategies by collaborating with large, matrixed teams
- Experience managing third party relationships and measuring performance results
- Relationship management experience delivering technology services between one or more internal technology organizations and small to medium-sized internal lines of business
- 3+ years of experience with Information Security and risk management for large multi-national companies
- 3+ years of experience with technology and relationship management with a client organization
- Proven effectiveness in partnership across various stakeholders, including senior and executive management across multiple time zones
- Project management experience and ability to work within a large complex business environment
- Well versed in formal governance processes and frameworks in a regulated environment
- Strong communication and reporting skills with the ability to present and communicate effectively to a non-technical audience
- Third Party Relationship Management experience
- Experience building and maintaining third party relationships a plus
- Relationship management experience in medium to large cross-functional organizations with a focus on supporting strategic and tactical initiatives
- Ability to travel domestically and internationally
- Ability to travel up to 30% of the time
- All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.