Senior Auditor - Sr. AVP (Technology)

About the Role:

Wells Fargo is seeking a Senior Auditor for their Enterprise Technology Audit Group. The Enterprise Technology Audit Group (ETAG) conducts and coordinates audits of information technology and information security, primarily focused on the Wells Fargo Technology (WFT) organization, the Independent Risk Management (IRM) Technology, and the Third Party and information Risk Oversight (TPIRO) group. ETAG is broken out into the following sub-teams:

Chief Information Office (CIO) - CSBB Technology, Consumer & Small Business Banking, Consumer Lending Technology, Digital & Innovation Technology, Enterprise Functions Technology, Financial Crimes & Enterprise Dlata Technology, WIM Technology

Chief Technology Office (CTO) - Cloud Platforms, CIO Development, Change Enablement, Middleware

Information Security - Access Management, NIST Assessment, Cybersecurity Defense Monitoring, Information Protection, Third Party Risk 

Infrastructure & Technology Recovery - Technology Continuity & Resiliency, Technology Infrastructure

Technology Governance - IT Governance, Risk Management, Compliance

Strategy & Digital, & Innovation Group (SDI) - Corporate Strategic Planning, Digital Platform, Innovation Group

The Senior Auditor will support the Audit coverage of the IT Governance, IT Infrastructure, Risk Management, Access Management and Application Development to include evaluating systems development life cycle, change management, computer operations, and information security risks and controls focused primarily on the application and database layer.

In this role, you will:

• Perform audit testing components of assigned audits within multiple segments of the Audit Plan
• Plan and execute independent audit testing and ensure that they are timely and accurate
• Identify and assess key risks and controls
• Execute and document work in accordance with Wells Fargo Audit Services policy
• Identify and develop compensating controls that mitigate audit findings and make recommendations to management
• Inform manager of situational issues that might compromise objectivity or independence
• Design and execute tests to verify control effectiveness
• Document work papers according to the standards of the Internal Audit policy and guidance
• Demonstrate professional skepticism while performing major components of audits
• Lead smaller scale audits or projects
• Develop ways to improve existing audit practices
• Develop effective test plans for engagements as assigned with limited guidance
• Participate in projects as directed
• Develop business partnerships within Internal Audit and with teams companywide through professional communication and clear audit deliverables

Required Qualifications:

• 4+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• Relevant bachelor’s degree in information technology, auditing or accounting.
• 4+ years of experience in IT/IS Audit, Technology Governance, Risk Management or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education.
• e part of IT/IS audit engagements that are generally small to moderate in size and complexity, and on occasions, may handle multiple assignments.
• Be responsible to assist the teams in the preparation of Walkthrough documents, identification of Process, Risk & Controls, performance of control effectiveness testing, drafting the findings and discuss issues with business stakeholders.
• Exhibit understanding of business & infrastructure functions and the underlying technology, operational, financial, and regulatory aspects.
• Establish & maintain relationships with business partners, relevant stakeholders, and identify emerging risks as part of ongoing business monitoring activities.
• Develop and demonstrate strong understanding of audit approach and methodology.
• Perform process walk-throughs, assess risks and perform control effectiveness testing.
• Demonstrate professional ability to credibly challenge status quo.
• Present audit results in an objective and unbiased manner.
• Write audit issues reflecting relevant facts that lead to logical conclusions.
• Escalate significant risks and loss exposures to appropriate levels of management.
• Support other team members, if needed through the audit process.
• Work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.

Job Expectations:

• Credentials such as Certified Information Systems Auditor (CISA) and/or similar IT/IS certifications such CISSP, CISM, GSNA, CRISC, CIA, CCNA, CSX, GSEC, CCSP.
• Experience performing audits in the areas of Cyber Security, Cloud, Mobile Apps, Automated Workers (RPA), Micro-services, Artificial Intelligence (AI), DevOps, and large-scale technology transformation projects/programs is highly desirable.
• Background of Technology Audit, preferably within international financial service organizations.
• Experience with general Information Technology control reviews as well as application control reviews.
• Experience in medium to large-scale application reviews and system development projects, and ability to perform reviews on various platforms (e.g., Unix, Windows, i-Series, z/OS, SQL DB, Oracle DB, network devices).
• Good knowledge or ability to learn quickly system development methodologies, information security controls, access management, technology governance and risk management.
• Knowledge of information security management frameworks (e.g. COBIT, ISO 2700x, ITIL, NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls).
• Ability and zeal to build domain knowledge and overall business acumen.
• Sound knowledge and understanding of audit methodologies and tools that support audit processes, and / or orientation to risk and controls.
• Excellent verbal, written, and interpersonal communication skills.
• Strong organizational, multitasking, and prioritizing skills.
• Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.
• Ability to execute in a fast paced, demanding environment while balancing multiple priorities.
• Ability to work with minimal supervision and exercise independent judgment consistent with department guidelines.
• Ability to execute in a fast-paced, demanding environment while balancing multiple priorities.
• Agile mindset, problem solving attitude and good analytical skills with high attention to detail.
• Willingness to handle global engagements and work in a shifting schedule.
• Ability to travel approximately 10% of the time.

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.