Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as 'Personal Cell' or 'Cellular' in the contact information of your application.
At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology is a team of more than 40,000 information technology and security professionals who help keep Wells Fargo at the forefront of America's diversified financial services companies. Employees execute an engineering-led IT strategy to deliver stable, secure, scalable and innovative services that provide Wells Fargo global customers 'round-the-clock' banking access through in-store, online, ATM, and other channels. Wells Fargo Technology plays a critical role in the company's customer and employee experience, business and risk management transformation, and growth agenda.
This technology risk management role will focus on Cloud IT services and supporting operational processes and controls. Our environment continues to be one of the heightened standards, raised risk consciousness, and regulatory requirements. As part of the First Line of Defense, this role provides leadership support to ensure that Cloud Technology Office (CTO) line of businesses supporting Cloud are accountable for risks associated with its activities, current and emerging risk identification, measurement, assessment, control, mitigation, monitoring and reporting.
Responsibilities of this position include, but are not limited to:
Mature and execute technology risk management strategy for cloud based solutions, working closely with business, technology, and risk lines of defense to enable internal and external cloud platform capabilities
Provide strategic thought leadership and influence for an effective information and cyber security control environment as it pertains to private and public cloud environments, both on-premises and off-premises
Provide operational risk and regulatory compliance oversight in support of a forward thinking Cloud strategic vision and direction; collaborate closely with technology, information security, and development stakeholders to drive a risk-based approach across cloud computing activities, monitor action plans and milestones, and challenge new thinking
Develop and present compelling views and conduct persuasive conversation focused on Cloud transformation and risk management activities, with expertise in understanding business impacts of technology decisions as they relate to cloud adoption and enablement, specifically risk management and security
Ensure adherence to supporting policies and standards by providing feedback, direction, and industry leading practices
Providing reviews on risk issue remediation plans and provides feedback on strategy, governance, measurable benefits, metrics, scope and reasonableness
Applies relevant risk, domain and change knowledge/experience to ensure the timely and effective identification, assessment and escalation of risks in a transparent manner
Possess strong communications skills, demonstrate critical thinking capabilities, and the ability to convey complex information and ideas both simply and clearly; be able to effectively communicate and broker agreements amongst diverse, differing, competing, and/or conflicting perspectives/priorities
Assists with the implementation of corporate policies, risks and controls that are preventative in nature which can be either automated or manual and align with all risk lines of defense
10+ years of experience in risk management (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management) or 10+ years of financial services industry experience, of which 7+ years must include direct experience in risk management
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC)
Experience communicating in both written and verbal formats with senior executive-level leaders
Ability to organize and manage multiple priorities
Ability to generate, review, edit, and distribute executive level reports
Good analytical skills with high attention to detail and accuracy
Experience working with internal and external auditors and examiners
Experience reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products and internal controls; and identifying issues resulting from internal and/or external compliance examinations
Advanced Microsoft Office skills
Excellent verbal, written, and interpersonal communication skills
Strong analytical skills with high attention to detail and accuracy
Virtual leadership experience with ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
Other Desired Qualifications
10+ years of experience supporting an Enterprise Technology function or within a Technology Risk function with demonstrated knowledge of Technology systems, applications, infrastructure and emerging Technology and associated risks in a business environment
5+ years of experience and technical knowledge with various cloud computing technologies, such as (but not limited to) Amazon Web Services (AWS), or Microsoft Azure, or Google Cloud Platform, or Pivotal Cloud Foundry (PCF)
5+ years of experience with development operations (DevOps) containerization software technologies for enabling cloud computing, such as (but not limited to) Kubernetes, or Docker, or OpenShift, or Jenkins
5+ years of experience overseeing implementation and sustainment of operational process/control requirements in support of cloud computing, covering information security, technology, data protection, and resiliency; by leveraging standards and guidelines from industry Technology and Security risk frameworks, such as (but not limited to) NIST, FedRAMP, COBIT, CSA, CCM, FFIEC, COSO, BASEL, ITIL
Strong understanding of operational controls management (technology, information/cyber security, compliance), policy implementation, gap assessment
Experience migrating production enterprise applications to Private and Public Cloud environments
Experience in assessing risk, writing issues, and developing appropriate corrective actions
Exposure to audit/regulatory exam requirements and experience managing technology risk remediation deliverables
Strong understanding of issue management, technology/risk reporting, KRI/KPI implementation, vulnerability monitoring and remediation
Experience with control evaluation and testing that including documentation of testing and reporting results
Experience developing and/or evaluation of technology governance programs, policies, standards and procedures
Demonstrated negotiation skills, especially with difficult topics when partnering with senior management; including the willingness and ability to question decisions, understand direction and escalate issues where necessary
Demonstrated experience with both strategic and tactical approaches to risk management
Experience navigating across a matrixed organization environment
Ability to turn preliminary or ambiguous information, ideas, or problems into well-defined plans and solutions
Experience managing and executing information Technology risk programs that align to a Technology Business function
Track record of providing constructive consulting with appropriate issue escalation and offering solutions
Strong ability and experience working with and collaborating with leaders and team members at all levels and across functional lines.
Comprehensive knowledge and understanding of strategic elements of financial, operational, technical and regulatory environments across a complex global services environment
Ability to travel up to 10% of the time
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,400 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 260,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
www.wellsfargo.com | Twitter: @WellsFargo