Operational Risk Consultant 4-Information Security/Technology Risk

Job Description

International Business Solutions and Controls (IBSC) Business Risk Management Group provides support across the business operations aligned to Foreign Exchange, International Trade Services, Global Payment Systems and Financial Institutions Group and maintains programs designed to manage the regulatory issues, financial crimes and operational risks. These services include operational risk systems administration, policy & standards oversight, change management and consolidated metrics & reporting.

Part of governing these programs includes ensuring experienced and qualified risk management professionals are assigned to manage risks for which they are suited. IBSC BRM does this by maintaining clear job descriptions that align with the roles and responsibilities established by risk management governance resources at the corporate, Wholesale, and IG levels.

Responsibilities include: providing advanced information security risk management consultation for all aspects of information security compliance policy, risk management and remediation. May direct, participate in and review all aspects of information security risk assessment and analysis, and recommend remediation plans and strategies. Optimize information security risk awareness and influence leaders in strategies to mitigate the risks. Proactively inform and influence stakeholders on net new or on material changes to an asset and influence control decisions. Coordinate on third party assets to manage information security risks. Provide consultative services to stakeholders on new, emerging and complex information security issues and findings. Conduct operational risk / information security gap analysis from prior audits, testing, and reviews. Evaluate and interpret internal and Enterprise information security policies, processes and standards, and provide recommendations to improve them. Develop and/or deliver Information Security Education Awareness and Training in accordance with the Enterprise Information Security Program standards.

This Business Risk Management position provides operational risk management practices to manage technology risks and provide assurance of effective controls related to key and emerging risks. The information security consultant administers the IWS line of business (LOB) Information Security (IS) Program across International and WBS to protect our customers from both internal and external security threats.

This role provides IS technical expertise and oversight related to:

  • Security Planning & Assessment of Risk / Controls (SPARC)
  • Cyber Security
  • Authentication
  • Security Plans
  • Project Management
  • Third Party Risk Management (TPRM) E-CISE requirements
  • Vendor Remote Access
  • Digital Properties and ADA
  • Data Loss Prevention
  • Metrics & reporting
  • Reverse audit requests from customers

Team members support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.

Required Qualifications

  • 6+ years of compliance experience
  • 6+ years of financial services industry experience

Desired Qualifications

  • A BS/BA degree or higher
  • Ability to interact with all levels of an organization
  • Advanced Microsoft Office skills
  • Excellent verbal, written, and interpersonal communication skills
  • Strong analytical skills with high attention to detail and accuracy

Other Desired Qualifications

  • 6+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both; or 6+ years of IT systems security, business process management or financial services industry experience, of which 3+ years must include direct experience in compliance, operational risk management, or a combination of both
  • Ability to act as a liaison between WOGRO, EIT and LOB which includes the ability to consult on identified risk issues or gaps
  • Must have demonstrated operational risk knowledge/experience including design of effective control processes, development of test requirements and/or testing controls for effectiveness
  • Deep experience/knowledge information security or technology risk methodologies and practices
  • Ability to influence and direct strategy relative to building an IGO execution model for information security and technology risk coverage
  • Demonstrated relationship building and relationship management skills; ability to work both independently and collaboratively senior line of business associates and other support partners
  • Demonstrated writing skills including the ability to clearly document activities, processes and test results
  • Must have strong time management skills and the ability to manage multiple tasks and meet deadlines with minimal supervision
  • Experience building a risk management program, or implementing material changes to an existing program
  • Familiarity with International Group or Operation's application solutions
  • Strong IT Risk Management, Access Management, and Information Security expertise
  • Successful track record of delivering work which meets or exceeds quality standards and achieving results that meet or exceed expectations
  • Experience working with the Bank's operational policies and procedures, and with corporate Operational Risk Platform tools such as SHRP, SPARC, CRAS+ and RCSA
  • Ability to make difficult decisions and deliver challenging messages
  • Willingness to accept challenging assignments and perform work covering a range of levels

Disclaimer

All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

0079336 WHOLESALE BANKING


Meet Some of Wells Fargo's Employees

Lauren S.

Audit Manager

Lauren audits Wells Fargo’s financial reports to assess accuracy and risk. She reviews processes in place, analyzes management controls, and communicates calculations and findings with business partners.

Andrew M.

Innovation Consultant

Andrew incorporates his risk management and creative skills to strategize new and insightful ways to engage customers who interact with Wells Fargo’s various financial products and services.


Back to top