Audit Director - Enterprise Technology Audit Group (Cybersecurity)

at  Wells Fargo

APPLICANTS WITH DISABILITIES

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .

WELLS FARGO RECRUITMENT AND HIRING REQUIREMENTS:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process

Required Qualifications:

• 8+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 4+ years of management experienc

Desired Qualifications:

• 8+ years of experience leading audit, risk, or regulator teams focused on cybersecurity and technology functions and services
• Technical experience in auditing cybersecurity and technology processes and controls in large banking institutions.
• Hands on technical experience in executing or managing cybersecurity processes (e.g., vulnerability and threat management, cyber operations, application security, access management, network security, data protection, cryptography, etc.)
• Demonstrated ability to influence and collaborate with key stakeholders across senior levels in an organization.
• A Bachelor of Computer Science, Information Systems or Engineering degree, or higher.
• Comprehensive knowledge and understanding of audit methodologies and tools that support audit processes.
• Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.
• Strong understanding of financial industry regulatory environment, cybersecurity regulations and industry standards
• Proven leadership experience with multi-functional teams across multiple locations.
• Certification in one or more of the following: CISA, CISSP, GIAC, CSA or equivalent.
• Excellent coaching and talent development skills and proven leadership experience in building high performing team

Wells Fargo is seeking an Audit Director (AD) in Enterprise Technology Audit Group (ETAG) to oversee and direct cybersecurity audits. This role will be an integral part of the ETAG leadership team. The Audit Director will collaborate and partner with other specialist audit teams, to ensure comprehensive cybersecurity audit coverage. Specifically, this leader will lead a high performing team of approximately 25-30 team members. Experience navigating matrixed organizations, interfacing with regulatory agencies and building an effective audit approach to evaluate information and risk in this ever-changing risk environment is important. The candidate should have a demonstrated ability to influence management, build strong trusted relationships and drive change designed to mitigate risk.

In this role you will:

• Develop and execute an annual cybersecurity audit plan that evaluates critical risks to Wells Fargo and applies strong, pragmatic professional judgment
• Assess the cybersecurity governance structure, risk management and control effectiveness
• Ensure audit plan and engagements are risk-based and executed according to Internal Audit policies and guidance
• Manage allocation of people and resources to ensure commitments are met and align with Audit strategic objectives
• Leverage innovation for continuous improvement of audit coverage, trend identification and efficiencies
• Evaluate current audit approaches and audit practices. Provide thought leadership on leading industry practices and drive continued maturation and evolution of the audit function.
• Ensure cybersecurity audit coverage strategy is comprehensive and aligns with industry standards, regulatory expectations and best practices
• Communicate audit results to senior executives and using the role within Audit to influence the organization
• Identify thematic risk trends observed across the cybersecurity portfolio for purposes of influencing strategic control direction and process maturity
• Keep abreast of changes to regulatory requirements and emerging technologies
• Partner with management to identify and anticipate impact of a changing environment and effectively develop audit strategies to address significant risks
• Represent ETAG as a highly engaged, visible, and influential leader recognized for cybersecurity risk and controls expertise
• Develop and maintain effective, collaborative and credible business relationships with internal and external stakeholders
• Provide advice and offer credible challenge to cybersecurity, technology and business leaders on the implications of cybersecurity trends, issues, operating environment changes and strategies
• Support and participate in decisions related to Audit initiatives and strategic direction
• Maximize accuracy and efficiency when sharing results to company leadership and regulatory agencies
• Participate on audit level committees or the Management Committee as directed by the Chief Audit Executive
• Recruit, develop, motivate and retain cybersecurity audit talent
• Manage a team of 25-30 Auditors responsible for covering cybersecurity audit plan

Required Qualifications:

• 8+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 4+ years of management experience

Desired Qualifications:

• 8+ years of experience leading audit, risk, or regulator teams focused on cybersecurity and technology functions and services
• Technical experience in auditing cybersecurity and technology processes and controls in large banking institutions.
• Hands on technical experience in executing or managing cybersecurity processes (e.g., vulnerability and threat management, cyber operations, application security, access management, network security, data protection, cryptography, etc.)
• Demonstrated ability to influence and collaborate with key stakeholders across senior levels in an organization.
• A Bachelor of Computer Science, Information Systems or Engineering degree, or higher.
• Comprehensive knowledge and understanding of audit methodologies and tools that support audit processes.
• Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.
• Strong understanding of financial industry regulatory environment, cybersecurity regulations and industry standards
• Proven leadership experience with multi-functional teams across multiple locations.
• Certification in one or more of the following: CISA, CISSP, GIAC, CSA or equivalent.
• Excellent coaching and talent development skills and proven leadership experience in building high performing teams

Job Expectations:

• Ability to travel up to 20% of the time