Senior Lead Information Security Analyst, Cybersecurity Domain Governance

at  Wells Fargo

APPLICANTS WITH DISABILITIES

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .

WELLS FARGO RECRUITMENT AND HIRING REQUIREMENTS:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process

Required Qualifications:

• 7+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• 7+ years of governance experience.
• 4+ years of experience with leadership in an enterprise technology environment.
• Demonstrated experience working with senior leadership levels.
• Experience working with legal and/or compliance partners.
• Ability to influence across all organizational levels, particularly senior management.
• Highly effective decision-making/critical thinking/problem solving skills with a collaborative and results oriented leadership style.
• Strong organizational skills with an ability to manage numerous, competing demands from internal and external stakeholders.
• Strong ability to effectively communicate and broker agreements amongst diverse, differing, competing, and/or conflicting perspectives/priorities

WELLS FARGO CYBERSECURITY IS SEEKING A SENIOR LEAD INFORMATION SECURITY ANALYST TO SUPPORT CENTRALIZED CYBERSECURITY DOMAIN GOVERNANCE PROGRAM ACTIVITIES. THE SENIOR LEAD ROLE WILL BE RESPONSIBLE FOR SUPPORTING IMPLEMENTATION AND EXECUTION OF CENTRALIZED CYBERSECURITY DOMAIN GOVERNANCE PROGRAM ACTIVITIES AND DRIVING CONSISTENCY IN THE EXECUTION OF GOVERNANCE ROUTINES ACROSS ALIGNED CYBERSECURITY DOMAINS WITHIN THE WELLS FARGO CYBERSECURITY DOMAIN PROGRAM; DRIVING INTEGRATED, STREAMLINED, AND CONSISTENT PROCESSES THAT ENSURE EFFECTIVE GOVERNANCE FOR INFORMATION SECURITY RISKS.

In this role, you will:

• Maintain a broad awareness aligned Cybersecurity domain health and potential impacts enterprise-wide, providing feedback and escalation as necessary.
• Identify and recommend governance routines that may span multiple Cybersecurity disciplines to identify potential areas of risk and measure adherence with defined programs.
• Execute defined domain governance routines to determine Identify security risks and solutions for networks and virtual private network applications, security tools, public key infrastructures, authentication and directory services, and access management services.
• Support and execute strategy for information security policy, standards and procedures for systems, applications, and tools.
• Set guidelines for policy adherence and risk management requirements for Cybersecurity domains and work with other stakeholders to implement key risk initiatives.
• Collaborate and influence all levels of professionals including more experienced managers.
• Drive the successful completion of programs to achieve business goals, including timely identification, escalation and remediation of risks and issues that impact program execution and delivery.
• Deliver periodic business and operating reports, including identification and remediation of execution or other risks and issues, retrospective reviews and lessons learned.
• Deliver clear, concise, and actionable communication to various levels of organization on a timely basis to ensure effective understanding, decision-making, execution and issue remediation.
• Develop and maintain program documentation, including executive summaries, program overviews, status reports, project plans, and issue remediation plans.
• Develop and maintain processes, procedures, controls, and workflow diagrams.
• Ensure quality and adequacy of program artifacts across all deliverables for programs within portfolio.

Required Qualifications:

• 7+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.

Desired Qualifications:

• 7+ years of governance experience.
• 4+ years of experience with leadership in an enterprise technology environment.
• Demonstrated experience working with senior leadership levels.
• Experience working with legal and/or compliance partners.
• Ability to influence across all organizational levels, particularly senior management.
• Highly effective decision-making/critical thinking/problem solving skills with a collaborative and results oriented leadership style.
• Strong organizational skills with an ability to manage numerous, competing demands from internal and external stakeholders.
• Strong ability to effectively communicate and broker agreements amongst diverse, differing, competing, and/or conflicting perspectives/priorities.

Job Expectations:

• Execute on a governance strategy aligned with the overarching Wells Fargo Cybersecurity strategy, goals, and objectives.
• Support development and execution on common, minimum expectations for governance routines to continuously monitor cybersecurity domain health and drive adherence across Cybersecurity policy domains.
• Manage the Cybersecurity Policy Adherence Monitoring Program including identifying gaps in policy adherence routines, processes, and controls.
• Identify and recommend opportunities for process improvement and risk control development by utilizing research and data in addition to in depth understanding of organizational goals, priorities, and technology while developing executable strategies and plans.
• Develop, implement, and maintain end-to-end governance processes across Cybersecurity.
• Partner with Cybersecurity Policy Governance and Cybersecurity functional domain subject matter experts in the development of Cybersecurity business and enterprise policy.
• Develop governance documents for Cybersecurity; determines adequacy of new and existing governance documents with enterprise and Cybersecurity business impact.
• Work with subject matter experts to identify significant impacts of new or changed policy requirements and determine the appropriate implementation period.
• Monitor regulatory changes that may impact policy adherence governance requirements; confirm alignment to laws, rules, and regulation.
• Aggregate, evaluate, report, and escalate Cybersecurity policy adherence as needed including implementation and adherence results.
• Measurable impacts and a strong commitment to diversity and inclusion.
• Build and maintain effective partnerships within Cybersecurity, Wells Fargo Technology, Corporate Risk, and the Front-Line Business Groups.
• Proactively champion and drive requirements to ensure adherence to the company’s risk framework, the Wells Fargo Technology Strategy, and the Cybersecurity strategy.
• Operate within, and be a proponent of, enterprise risk framework expectations.
• This is not a remote position. Candidates are required to work in the office three (3) days per week at the specified location
• Wells Fargo cannot consider individuals for this role who will require immigration assistance either now or in the future