Full Job Description
Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application.
At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo’s more than 70 million global customers.
This role is a Business Risk and Control Senior Officer position within the Wells Fargo Technology Organization.
The Business Risk and Control teams are responsible for partnering with the relevant business or technology groups to identify, assess, manage and mitigate current and emerging risk exposures associated with their activities and operations. Monitors, measures, evaluates, and reports on the impact of decisions and controls to the relevant business group and enterprise function. Consults and provides guidance to business groups on the development, implementation, and monitoring of complex business-specific programs to identify, assess, and mitigate risk. Consults and supports interpretation of policy, guidelines, and governance programs as the front line liaison to Independent Risk Management leaders for moderate to high risk and complexity enterprise risk programs. Provides a high level of risk management acumen to support the business in designing and implementing risk mitigation strategies, business processes and controls that mitigate risks and address regulatory requirements. Develops and implements risk monitoring and risk reporting processes and controls. Monitors and reports on its risk concentration, current and emerging risk, and risk appetite. Aggregates, evaluates, reports on results and escalates where necessary. Designs and executes control effectiveness assurance program for Front Line-owned controls. Leads implementation of initiatives with moderate to high risk. Collaborates internally with business regarding risk management of business-specific risk programs. Interfaces with Independent Risk Management, Audit, Legal, external agencies, and regulatory bodies regarding risk management of business-specific risk programs. May lead project/virtual teams and may mentor but does not manage other team members.
This Senior Officer role supports the CIO team for Commercial Banking and Corporate & Investment Banking businesses including Payment Solutions, Capital Markets Services, and Strategic Services & Advanced Technology. CCIBT provides technology services to the Commercial Banking line of business, inclusive of Middle Market Banking, Commercial Capital and Treasury Management, and the Corporate and Investment Bank line of business, serving the capital markets, banking and investment needs of our corporate, government and institutional clients. This role will provide leadership to support the designated CIO teams in meeting all requirements of the company’s risk framework, ensuring that CCIBT is effectively managing risks associated with technology activities, current and emerging risk identification, measurement, assessment, control, mitigation, monitoring and reporting. This position will work regularly with Wells Fargo Technology and Technology Control teams, Front Line Business Risk and Controls teams, and Second Line functions to ensure a strong control environment exists for compliance with technology-applicable policies, procedures, and guidelines.
The candidate will work directly with the CIO teams supporting Corporate Investment Banking, Commercial Banking, Treasury and Payments, Strategic Services, Advance Technology and/or Platform and Architecture. In addition they will partner with Policy Owners, Independent Risk Management, Divisional Operational Risk Management, Technical and ICS Subject Matter Experts and Central Risk Process Owners to ensure appropriate technology controls are in place within CCIBT.
Position responsibilities include:
Primary risk and control interface to identified technology CIOs, providing support to Technology Executives and their team members on risk-related matters
Identifying and assessing risk for the targeted Technology Division
Providing credible challenge on people, process and systems to ensure maximum business results and effective risk mitigation strategies
Providing direction to officers and senior associates on the technology control team through a matrix staffing model to deliver high quality information and support to targeted CCIBT senior leaders
Partnering with Business Risk and Control team officers, senior associates and applicable central technology controls teams to:
Perform reviews of new products, solutions, projects and program requirements, evaluating control strength and associated risks
Review mitigation/remediation plans and providing counsel on mitigation effectiveness and alternative mitigation approaches
Manage issue, policy exception and risk acceptance portfolio to ensure appropriate and timely risk mitigation inclusive of third and fourth party risk
Perform gap analysis for policies and/or regulatory requirements
Conduct root cause analysis on technology incidents to identify weak or non-existing controls and create effective mitigation plans
Produce effective and actionable management reporting for CIO and ultimately sub-CIO level
Ensuring Strategic success for Technology and Business Partners
Effectively collaborating with business partners in the first-line-of-defense (FLOD), second line of defense (SLOD), audit and information security
Working with stakeholders to ensure each has the tools, processes and expertise to effectively manage technology risks
Developing and maintaining strong working relationships with the line of business, corporate regulatory and operational risk and compliance peers
10+ years of experience in risk management (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management) or 10+ years of financial services industry experience, of which 7+ years must include direct experience in risk management
Ability to coordinate completion of multiple tasks and meet aggressive time frames
Ability to prepare management level presentations
Ability to interact with all levels of an organization
Strong analytical skills with high attention to detail and accuracy
Strong collaboration and partnering skills
Other Desired Qualifications
10+ years of experience within a Technology Risk or Business Risk function with demonstrated knowledge of the business, its technology systems, applications, infrastructure and emerging technology, and associated risks in a business environment
10+ years demonstrated leadership skills and strategic ability to execute operational risk management programs
Experience managing information technology oversight programs that align to a Technology Business function (i.e. commercial, capital markets, treasury and payments)
Experience in compliance, operational risk, IT systems security, business process mgmt. or financial services, (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk)
Broad and significant knowledge of technology and the associated challenges, risks and required controls inherent in a complex federated environment, including knowledge of SDLC, Architecture, Cloud, Datacenter, Vendor and third party, BCP, PMO, Change Mgmt, Problem and Incident Management, SOX and other Regulations, Access management, Asset Management, Compliance, IS, Audit
Understanding of technology and security risk framework. Including, but not limited to: COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards
Professional certifications such as CPA, CSCP, CRCM, CGEIT, CRISC, CITP, CISA, CISSP, or similar
Strong business oral and written communications skills with senior leader presence and experience
Ability to work well in a matrix organization and leverage skills across multiple disciplines to deliver a successful work product
Ability to travel up to 10% of the time