Senior Lead Officer - Cyber Security Controls

About this role:

Wells Fargo is seeking a Senior Lead Control Management Officer

In this role, you will:

• Act as an advisor to more experienced leaders in developing risk mitigation strategies for complex and highly integrated business specific risk across different business lines
• Monitor, measure, evaluate, and report impact of decisions and business controls to the relevant business group and enterprise function
• Lead the strategy and resolution of highly complex current and emerging risks requiring in depth evaluation across multiple areas or the enterprise, as well as good understanding of financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, and business process management
• Provide vision, direction, and expertise to more experienced leaders on implementing innovative and significant business solutions for highly complex risks associated with business operations
• Lead and mentor Control Management project or virtual teams
• Engage with all levels of roles across the business group, and serve as an experienced advisor in designing and implementing risk mitigation strategies, business processes, and controls that mitigate risks and address regulatory requirements

Required Qualifications:

• 7+ years of Risk Management or Financial Services Industry experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• Identify and assess Technology/ Cybersecurity risks through frameworks like RCSA etc.
• Coordinate with Cybersecurity leadership to manage the lifecycle of risks owned by Cybersecurity
• Perform Test of Design (TOD) and Test of performance (TOP) to evaluate Technology control design & effectiveness
• Review mitigation/remediation plans and advise on mitigation effectiveness and alternative mitigation approaches
• Effectively collaborate with business partners in the First line-of-defense (FLOD), Second line of defense (SLOD), Third line of defense (Audit) and Cybersecurity
• Provide credible challenge on people, process and systems to ensure maximum business results and effective risk mitigation strategies
• Provide high quality risk management deliverables through a matrix staffing model to targeted Technology senior leaders and team members
• Perform reviews of new products, solutions, projects and program requirements, evaluating control strength and associated risks
• Monitor, measure, evaluate, and report on the impact of Technology controls
• Manage issue, policy exception and risk acceptance portfolio to ensure appropriate and timely risk mitigation inclusive of third-party risk
• Perform gap analysis for policies and/or regulatory requirements
• Conduct root cause analysis on technology incidents to identify weak or non-existing controls and create effective mitigation plans
• Produce effective and actionable management risk reporting for Cybersecurity
• Lead complex initiatives designed to mitigate current and emerging risks with broad impact
• Act as key participant in monitoring, evaluating, and measuring the impact of decisions practiced in Control Management functional area
• Monitor moderately complex business specific programs, and provide risk management consulting to support the business in designing and implementing risk-mitigation strategies
• Develop and implement risk monitoring and risk reporting processes and controls
• Collaborate with Cybersecurity to identify current and emerging risks associated with business activities and operations, and provide guidance in developing and implementing risk-mitigating strategies
• Work with Cybersecurity to ensure that the environment uses tools, processes and expertise to effectively manage technology risks
• Deliver effective and consistent execution of the Risk Management Framework to build Front Line Risk Mitigation capabilities and accountability, coordinating issue analysis, thematic reviews, control evaluation and remediation activities across businesses and functions to manage risk

Job Expectations:

• Technology Risk Management or Technology Control Management or Information Security, Cyber Security experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• Demonstrated knowledge of Technology and Security risk frameworks – ISO 27001, COBIT, FFIEC, NIST 800-53, NIST CSF, ITIL etc
• One or more industry certifications like CISA/ CISM/ CRISC/ CISSP/ CCSP or equivalent
• Excellent verbal, written, and interpersonal communication skills
• Strong Problem-solving skills and analytical skills with high attention to detail and accuracy
• Strong collaboration and partnering skills

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.