
Control Officer – Technology Policy Development – Wells Fargo – Summit, NJ
Job Description
Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as ‘Personal Cell’ or ‘Cellular’ in the contact information of your application.
At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity, and inclusion in a workplace where everyone feels valued and inspired.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
READ Get More Than 300 Hours of Cyber Security Training for Under $700
Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.
Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.
Technology Control resides within the Wells Fargo Technology (WFT) organization. Its functions improve how we own, assess, manage, and report technology risks while ensuring that we have strong technology risk expertise, employ the concept of risk management as a utility – operationalizing for efficiency, and move us to progressive risk management based on data and analytical processes.
Amazon Web Services Training On Demand
Core Job Responsibilities
- Support Technology Policy Development team in providing Information and Cyber Security (ICS) expertise and driving the development of quality Policy and Procedural documentation for a number of ICS functions.
- Partner with Policy Owner teams to draft policy and procedural content as well as mappings to applicable regulations, controls, and adherence metrics. Provide suggestions on policy and procedure rationalization opportunities, influence implementation.
- Translate information security risk and compliance requirements, commitments and industry guidance into concise and easy to follow policy statements.
- Parter with second line functions, Enterprise Policy Office and Independent Risk Management, to ensure policy development process requirements are followed, evidence is collected and documented.
- Help drive Technology Policy simplification initiative, which includes collaboration with various policy owner teams across Technology organization as well as second line partners.
- Support tools and automation strategy by participating in various UAT Testing efforts, proposing improvements and automation opportunities.
- Provide guidance to partners on ICS topics in support of policies and obligations.
- Partner with members of Technology Policy Development team to enhance program and process, policy update socialization strategy, internal routines, education & awareness.
Required Qualifications
- 7+ years of experience in risk management or 7+ years of financial services industry experience, of which 5+ years must include direct experience in risk management
Desired Qualifications
- Certified Internal Auditor (CIA), Certified Information Systems Auditor, (CISA) Certification in Control Self-Assessment (CCSA), Certified Information Systems Security Professional, (CISSP) or other risk management discipline certification
- Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
- Advanced Microsoft Office skills
- Excellent verbal, written, and interpersonal communication skills
- Good analytical skills with high attention to detail and accuracy
Our Most Popular Cyber Security Training Courses
- Google Cloud Security
- Google Cloud Networking
- Introduction to Cybersecurity Tools & Cyber Attacks
- Linux Security
- Cyber Security 10 Domains
- IBM Fundamentals
- AWS Cloud Native
Other Desired Qualifications
- 7+ Years risk management experience with demonstrated leadership skills and ability to mature risk management programs
- Demonstrated knowledge of Technology and Security risk framework – NIST, ITIL, COSO, BASEL, FedRAMP, PCI, COBIT, FFIEC and OCC Heightened Standards
- Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption, and key management, logging and monitoring and application security
- Familiarity with cloud-based environments and technologies with associated auditing methodologies
- Information Security audit/audit consulting experience
- Policy writing experience, technical writing skills
- Strong risk and control fundamentals, knowledge of risk framework and methodologies
- Knows when to act independently and when to influence the decision-making process
- Reviews own work product for completeness and accuracy against a set of criteria
- Program execution experience
- Demonstrated collaboration skills, especially with difficult topics when partnering with senior management. This includes the willingness and ability to question decisions, understand direction and escalate issues, where necessary.
- Demonstrated experience with both strategic and tactical approaches to risk management.
- Experience within an Enterprise Technology function or Technology Risk function with demonstrated knowledge of, technology systems, applications and associated risks
- Understanding of security metrics and creation of useful dashboards for management review and consumption
Our Most Popular Cyber Security Training Courses
- Google Cloud Security
- Google Cloud Networking
- Introduction to Cybersecurity Tools & Cyber Attacks
- Linux Security
- Cyber Security 10 Domains
- IBM Fundamentals
- AWS Cloud Native
Disclaimer
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Benefits Summary
Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.
Reference Number
5581039-4