About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a leading global financial services company headquartered in San Francisco (United States). Wells Fargo has offices in over 30 countries and territories. Our business outside of the U.S. mostly focuses on providing banking services for large corporate, government and financial institution clients. We have worldwide expertise and services to help our customers improve earnings, manage risk, and develop opportunities in the global marketplace. Our global reach offers many opportunities for you to develop a career with Wells Fargo. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Market Job Description
About Role:
We are seeking an experienced risk professional to join our team and assist in executing Information Technology (IT) infrastructure risk assessments as part of broader Technology Control. This is a strategic position that will engage with the multiple risk and control stakeholders / lines of defense across Enterprise Information Technology (EIT) and the enterprise as a whole to enable a strong risk management practice and capabilities. Areas of focus include, but are not limited to: infrastructure risk assessments, a strong architectural and operational understanding of IT infrastructure types such as Mainframes, Databases, Cloud, Network Components, Operating Systems etc., strong understanding of risk and control frameworks, regulatory and industry standards (i.e., FFIEC, COBIT), and collaboration with partners to align and influence risk management control improvements.
Responsibilities:
Our environment continues to be one of heightened standards, raised risk consciousness, and regulatory requirements. This role will support overall strategy, management and execution of technology risk assessments across EIT. The role will support the definition of strategy and requirements, as well as development of a robust framework for monitoring and reporting aggregated risk and risk response across EIT. This will include driving clear communication and stakeholder engagement in order to support the organization in meeting risk assessment related objectives.
Responsibilities of this position include, but are not limited to:
- Taking end-end ownership of conducting technology infrastructure assessments for a given asset class. This includes :
- Interfacing with the asset owners as part of the risk identification & analysis phases
- Evaluating risk based on the data gathered & in line with established policies & procedures;
- validating effectiveness of mitigating controls that are in place
- Documenting risk assessment results within WF systems of record along with any observed findings.
- Assisting in the reporting of infrastructure risk assessment results
- Liaising with second line & audit teams as needed
Essential Qualifications
- 8+ years of experience in architecting & executing Technology Risk Assessment/ Risk & Control Self Assurance activities
- A strong architectural and operational understanding of one ore or more technology asset classes – ex- Mainframes, Databases, Cloud, Network Components etc. along with subject matter knowledge on controls. In-depth experience in implementation/testing of such controls.
- Broad and significant knowledge of technology and the associated challenges, risks and required controls inherent in a complex federated environment including knowledge of processes/services such as SDLC, BCP, PMO, Change Management, Problem and Incident Management etc.
- Demonstrated knowledge of Technology and Security risk frameworks – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards
- Excellent inter-personal & communication skills
- CISA/CISSP/CRISC certification is a bonus
Desired Qualifications:
- Track record of providing constructive challenge with appropriate issue escalation and offering solution
- Strong ability and experience working with and collaborating with leaders and team members at all levels and across functional lines
- Demonstrated ability to effectively drive and lead organizational change
- Demonstrated ability to manage in a matrix environment both domestically and internationally
- Comprehensive knowledge and understanding of strategic elements of financial, operational, technical and regulatory environments across a complex global services environment
- Ability to fluently articulate business strategy and operations; translating organizational strategies into clear objectives and business action
Market Skills and Certifications
Essential Qualifications- 8+ years of experience in architecting & executing Technology Risk Assessment/ Risk & Control Self Assurance activities
- A strong architectural and operational understanding of one ore or more technology asset classes – ex- Mainframes, Databases, Cloud, Network Components etc. along with subject matter knowledge on controls. In-depth experience in implementation/testing of such controls.
- Broad and significant knowledge of technology and the associated challenges, risks and required controls inherent in a complex federated environment including knowledge of processes/services such as SDLC, BCP, PMO, Change Management, Problem and Incident Management etc.
- Demonstrated knowledge of Technology and Security risk frameworks – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards
- Excellent inter-personal & communication skills
- CISA/CISSP/CRISC certification is a bonus
Desired Qualifications:
- Track record of providing constructive challenge with appropriate issue escalation and offering solution
- Strong ability and experience working with and collaborating with leaders and team members at all levels and across functional lines
- Demonstrated ability to effectively drive and lead organizational change
- Demonstrated ability to manage in a matrix environment both domestically and internationally
- Comprehensive knowledge and understanding of strategic elements of financial, operational, technical and regulatory environments across a complex global services environment
- Ability to fluently articulate business strategy and operations; translating organizational strategies into clear objectives and business action
We Value Diversity
At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate. |
