Audit Manager – VP (Technology)

Wells Fargo is seeking an Audit Manager.

Audit is a provider of independent, objective assurance services delivered through a highly competent and diverse team. As a business partner, Audit helps the company accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

About Enterprise Technology Audit Group:

The Enterprise Technology Audit Group (ETAG) conducts and coordinates audits of information technology and information security, primarily focused on the Wells Fargo Technology (WFT) organization, the Independent Risk Management (IRM) Technology, and the Third Party and information Risk Oversight (TPIRO) group.

ETAG is broken out into the following sub-teams:

Chief Information Office (CIO) - CSBB Technology, Consumer & Small Business Banking, Consumer Lending Technology, Digital & Innovation Technology, Enterprise Functions Technology, Financial Crimes & Enterprise Data Technology, WIM Technology

Chief Technology Office (CTO) - Cloud Platforms, CIO Development, Change Enablement, Middleware

Information Security - Access Management, NIST Assessment, Cybersecurity Defense Monitoring, Information Protection, Third Party Risk 

Infrastructure & Technology Recovery - Technology Continuity & Resiliency, Technology Infrastructure

Technology Governance - IT Governance, Risk Management, Compliance

Strategy & Digital, & Innovation Group (SDI) - Corporate Strategic Planning, Digital Platform, Innovation Group

In this role, you will:

• Lead execution of the integrated audit process
• Participate in audits in accordance with Wells Fargo Audit Services policy
• Demonstrate depth and breadth of knowledge and understanding across multiple businesses or develop knowledge in a critical subject matter area
• Demonstrate comprehensive knowledge and understanding of the financial, operational, technical, and regulatory environment across multiple businesses or develop excellent subject matter knowledge in critical areas of the business
• Write opinions reflecting relevant facts that lead to logical conclusions
• Escalate significant risks and loss exposures to appropriate levels of management
• Ensure documentation and reporting are ready for review by managers and more experienced managers
• Demonstrate credible challenge
• Evaluate and provide appropriate solutions for complex problems
• Lead multiple concurrent projects that are generally moderate to large in size and moderate to high in complexity
• Identify and assess key risks and controls and develop effective test plans for engagements as assigned with limited guidance
• Present audit results in an objective and unbiased manner
• Exhibit appropriate judgment regarding issue notification, issue draft findings to client management, and draft final audit reports
• Develop and maintain excellent business relationships within Internal Audit and with teams companywide

Required Qualifications:

• 5+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• 5+ years of work experience in Technology Governance, Risk Management and Compliance (GRC) or IT Security with at least 5 years in Technology Audit.
• A professional with auditing, security, or accounting designation e.g., CISA, CISSP, CPA, CA, CIA, CCNA, CISM, CRSIC or to have substantially completed the requirements for such a designation while actively pursuing the completion of such a designation.
• Background of Technology Audit within international financial service organizations.
• Lead execution of the integrated audit process
• Participate in audits in accordance with Wells Fargo Internal Audit policy
• Demonstrate depth and breadth of knowledge and understanding across multiple businesses or develop knowledge in a critical subject matter area
• Demonstrate comprehensive knowledge and understanding of the financial, operational, technical, and regulatory environment across multiple businesses or develop excellent subject matter knowledge in critical areas of the business
• Write opinions reflecting relevant facts that lead to logical conclusions
• Escalate significant risks and loss exposures to appropriate levels of management
• Ensure documentation and reporting are ready for review by managers and more experienced managers
• Demonstrate credible challenge
• Evaluate and provide appropriate solutions for complex problems
• Lead multiple concurrent projects that are generally moderate to large in size and moderate to high in complexity
• Identify and assess key risks and controls and develop effective test plans for engagements as assigned with limited guidance
• Present audit results in an objective and unbiased manner
• Exhibit appropriate judgment regarding issue notification, issue draft findings to client management, and draft final audit reports
• Develop and maintain excellent business relationships within Internal Audit and with teams companywide

Job Expectations:

• Experience in general Information Technology control reviews as well as application control reviews.
• Strong knowledge of and experience in medium to large-scale application reviews and system development projects, and ability to perform reviews on various platforms (e.g., Unix, Windows, iSeries, z/OS, SQL DB, Oracle DB, network devices, middleware, cloud).
• Good understanding of technology processes (e.g. change management, security operations, technology operations, business resiliency, etc.), application and infrastructure controls.
• Good knowledge of system development methodologies, information security controls, access management, technology governance and risk management.
• Knowledge of information security management frameworks (e.g. COBIT, ISO 2700x, ITIL, NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls, Vulnerability and Penetration testing).
• Solid knowledge and understanding of audit methodologies and tools that support audit processes.
• Knowledge of IT and Cloud management and control frameworks
• Experience with Issue Validation and Remediation
• Excellent verbal, written, and interpersonal communication skills.
• Strong organizational, multitasking, and prioritizing skills.
• Ability to work independently and as part of a team, be flexible.
• Ability to execute in a fast-paced demanding environment while balancing multiple priorities.
• Problem solving attitude.
• Good analytical skills with high attention to detail.
• Ability to work with minimal supervision and exercise independent judgment consistent with department guidelines.

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.