Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as 'Personal Cell' or 'Cellular' in the contact information of your application.
At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
As the company's second line of defense, Corporate Risk — or Independent Risk Management — provides independent oversight of risk-taking activities. Independent Risk Management establishes and maintains Wells Fargo's risk management program and provides oversight, including challenges to and independent assessment of, the frontline's execution of its risk management responsibilities. We manage risk according to the Risk Management Framework and ensure all employees understand their individual accountability for managing risk.
This is an exciting opportunity to join a team committed to providing Wells Fargo with world-class operational risk management. The Operational Risk Group continues to build out a world-class operational risk management capability.
The Assessment, Planning, Integration & Execution team, within the independent risk management (IRM) Technology & Information Security Risk Management (TISRM) organization, owns and executes the operational risk management program in alignment with the enterprise Integrated Process Risk & control and Technology Risk Management Policies. The team has responsibility for risk assessment oversight for technology, information security, and records management.
Responsibilities for this position will include but not limited to:
- Lead oversight activities of the front line business to fulfill IRM responsibilities outlined in the enterprise Risk Management Framework including:
- Analyze existing processes, applications, and assets to determine operational risk and exposure levels related to those targets
- Evaluate operational control effectiveness utilizing various means including metrics, observation, and/or substantive testing techniques
- Perform review of the work products produced by the front-line business according to risk program requirements and deadlines
- Develop and maintain strong working relationships with the line of business, corporate regulatory and operational risk and compliance peers
- Assist in maturing team capabilities by:
- Capture and escalate credible challenges
- Produce management reporting
- Integrate intelligence from various sources in the operational risk assessments
- Collaborate effectively with business partners in the front line and IRM in the establishment of new risk management processes for the specific program/project
- Work with stakeholders to ensure each has the tools, processes and expertise to effectively manage operational risks
- Ensuring that critical programs and projects remain aligned to the risk management strategy and functional framework
This position is an individual contributor role, but is expected to lead assessment project teams, provide thought leadership to improve the efficiency and effectiveness of the IRM assessment program, and interface with varying levels of management, including senior management.
- 7+ years of experience in risk management (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management) or 7+ years of financial services industry experience, of which 5+ years must include direct experience in risk management
- Ability to clearly express ideas and proposed solutions
- Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
- Ability to meet stringent deadlines
- Ability to present complex material in a digestible, consumable manner to all levels of management
- Ability to prioritize work, meet deadlines, achieve goals, and work under pressure in a dynamic and complex environment
- Advanced Microsoft Office skills
- Excellent verbal, written, and interpersonal communication skills
- Strong analytical skills with high attention to detail and accuracy
- Strong relationship management skills
Other Desired Qualifications
- 5+ years of experience with technology and/or information security domains (e.g. infrastructure engineering, architecture, IT operations, incident response, identity and access management, vulnerability management, application security)
- Demonstrated leadership experience (not necessarily direct-report management) in risk management through front-line operational risk management, or internal audit in financial services covering technology and/or information security risk.
- Experience monitoring industry, technology and regulatory trends to determine business impacts
- Experience developing and delivering comprehensive report/presentations to senior management, stakeholders, and risk and management committees
- Experience defining and/or developing business initiatives that require collaboration between multiple stakeholders and/or lines of business
- Experience executing information security oriented operational assessments against industry standards/guidance such as ISO 27001, NIST SP 800-53, NIST Cybersecurity Framework, PCI DSS, and/or FFIEC
- Experience completing assessments against Society for Worldwide Interbank Financial Telecommunication (SWIFT) requirements
- Certifications in Technology and/or Information Security disciplines (e.g. CRISC, CISA, CISM, CISSP, GIAC).
- Experience evaluating relevant operational risks for related processes and technology
- Second-line of defense oversight, or front-line support and/or management of technology / information security risk
- Ability to travel up to 15% of the time
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.