Operational Risk Consultant 5
It starts with you…
Our goal is to attract, develop, retain and motivate the most talented people - those who care and who work together as partners across business units and functions. We value and promote diversity and inclusion in every aspect of our business and at every level of our organization.
At Wells Fargo, we invest in our people. Our diverse lines of business offer unique opportunities to expand your knowledge and advance your career.
This is an exciting opportunity to join a team and function committed to providing Wells Fargo with world-class technology risk management. The Operational Risk Group continues to build out a world-class technology risk management capability.
The Technology Risk Management Oversight (TRMO) organization is responsible for establishing the strategic direction and management of Wells Fargo's enterprise technology risk management program, including developing, approving and maintaining the technology risk management framework. This function will be responsible for maintaining a strong technology risk culture, formulating technology risk appetite and tolerances, and for establishing/maintaining a program to identify, assess, measure, monitor, control and report on significant enterprise technology risks. Consistent with other programs overseen by Corporate Risk, the Technology Risk program provides second-line-of-defense oversight (SLOD) to ensure an independent, integrated, and holistic view of Wells Fargo technology risks.
As part of the TRMO team, the responsibilities of this position will include:
- Focus areas include influencing end to end integrated processes, establishing formal decision making criteria and supporting policies/standards required in the planning, architecture, acquisition, deployment, and management of a Cloud computing capability
- Ability to actively participate in and influence end to end key risk process development, and establishing guiding principles and formal risk based decision making gating criteria and supporting policies/standards by providing feedback, direction, and industry best practices alternative solutions from strategy, planning, and design through operationalization
- Working with business partners to develop processes, templates, and reporting to provide independent risk management oversight and participation in critical enterprise programs, major business change initiatives or projects with significant technology risks. Pro-actively advises and assists Enterprise Information Technology (EIT), First Line of Defense (FLOD), Enterprise Information Security, Compliance, Second Line of Defense and other control groups. Reviews remediation plans and provides feedback on strategy, governance, measurable benefits, metrics, scope and reasonableness
- Adept at working with business partners in identifying relevant operational risk KRI/KPI metric thresholds and reporting to effectively monitor and proactively identify, monitor and manage risks
- Analyzing technology risk domain requirements against the proposed solutions to determine technology risk levels, acceptable risk appetites, control weaknesses and to evaluate the risk of solutions not meeting requirements. Capturing and escalating credible challenges
- Applies relevant risk, domain and change knowledge/experience to ensure FLOD is effectively identifying, assessing and escalating risks in a transparent way prior to impacting the Business As Usual operations
- Actively participates on appropriate steering committees, councils and work groups to ensure appropriate technology risk management coverage
- Ability to write, review and present clear and concise reports for delivery to all levels of the organization
- Integrating requirements from the broader technology risk domain into existing technology risk management processes (e.g. risk assessments)
- Effectively collaborating with business partners in the first-line-of-defense (FLOD) and second line of defense (SLOD) in the establishment of new risk management processes for the specific technology risk domain
- Evaluates and works with stakeholders to ensure each has the tools, processes and expertise to effectively manage technology risks
- Developing and maintaining strong relationships with senior leaders, FLOD, EIT, EIS and other control groups including corporate regulatory, operational risk, audit and compliance
- Interprets, recommends and ensures required changes to organizational policies, standards, procedures, processes and related decision making criteria are performed
- Ensuring that critical programs and projects remain aligned to the technology risk management strategy and functional framework
An example of a critical technology risk domain for which Technology Risk Management Oversight provides independent risk management coverage is Change Management. Key activities include review and credible challenge of technology solutions, risks/mitigation plans, project status reporting and technology risk domain artifacts used as part of the regulatory reporting process.
The successful candidate will have the ability to translate ambiguous ideas/issues into well-defined plans/solutions; while influencing decision-making process, Self-motivated, able to work independently with a proven ability to be adaptable to a dynamic work environment with multiple priorities and strict timelines and set appropriate deliverable timelines and follow-through.
- 10+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both; or 10+ years of IT systems security, business process management or financial services industry experience, of which 5+ years must include direct experience in compliance, operational risk management, or a combination of both
- Advanced Microsoft Office skills
- Excellent verbal, written, and interpersonal communication skills
- Strong analytical skills with high attention to detail and accuracy
- Ability to interact with all levels of an organization
- Virtual leadership experience with ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
Other Desired Qualifications
- Demonstrated information technology experience in change management including evaluating requests for change to determine the impact on business processes and IT services, and to assess whether change will adversely affect the operational environment and introduce unacceptable risk.
- Demonstrated experience managing emergency changes to minimize further incidents and make sure the change is controlled and takes place securely. Verify that emergency changes are appropriately assessed and authorized after the change.
- Demonstrated experience tracking and reporting changes, communicating the status of approved and in-process changes, complete changes, and rejected changes. Make certain that approved changes are implemented as planned.
- Experience with assessing change management processes and solutions for consistency and compliance with the organizations strategy.
- Prior experience with tracking, monitoring and implementing corrective actions for Compliance/Operational Risk.
- Possesses extensive risk management strategy and governance, technology, and process knowledge across risk domain capabilities including Cloud solutions, patch and vulnerability management, IaaS, PaaS, and network segmentation
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
0162960 CORP RISK/CORPORATE RISK
Meet Some of Wells Fargo's Employees
Lauren audits Wells Fargo’s financial reports to assess accuracy and risk. She reviews processes in place, analyzes management controls, and communicates calculations and findings with business partners.
Back to top