Job description

Wells Fargo is seeking a Lead Information Security Analyst to join an exciting and fast-paced team driving the effort to protect our customers and companies most critical data. In this critical role, you will explore advanced technology to implement modernized ways of working that drive down risk and increase efficiency. This is a hybrid role at Wells Fargo. There is no Visa sponsorship or Visa Transfers. The req is seated in the location posted on the req. About this role: This role will provide technical leadership and be an individual contributor to teams that obtain and analyze data, develop reporting for senior leadership, and conduct governance of critical vulnerabilities and deficiencies across the enterprise. The ideal candidate will have demonstrated experience in the design and implementation of vulnerability management or governance, risk and compliance programs. The ideal candidate will also have demonstrated experience in automated processes including advanced data analytics, visualization, dashboards and remediation monitoring. This role is one part data analytics, one part vulnerability management and one part risk management. In this role, you will: Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation Direct information security risk assessment and research, and recommend remediation plans and strategies Perform Governance, Risk and Compliance to identify and prioritize key risk areas, monitor remediation and escalation critical risks to senior management Conduct user engagement on identified areas of policy non-adherence, report and advise on moderately complex remediation or mitigation plans Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate technical data to include scanning reports, key and certificate management reports, security logs Analyze identified vulnerabilities, assess their potential impact, and prioritize remediation efforts based on risk levels Contribute to the development and maintenance of security policies and procedures related to information protection, information classification, encryption and digital certificates Develop detailed process documentation and BAU artifact generation for security controls and metrics, governance routines, escalation events, and consequence model Required Qualifications: 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education 4+ years in a vulnerability management or governance, risk and compliance role, identifying and prioritizing areas of policy non-adherence, report development, remediation monitoring and escalation to senior management Strong skills in analysis of information security monitoring data from industry leading tools (e.g. Qualys, Tanium, etc.) Strong skills in data Extract, Transform, Load (ETL) to include automation of data ingestion, data reduction, data processing, data visualization. Knowledge of data automation through industry leading tools (MS Power Apps, Tableau, Alteryx, etc.) Desired Qualifications: IT Security certification (CISSP, CRISC, GIAC, Cloud, etc) Demonstrated expertise of Governance, Risk and Compliance principles for monitoring adherence to Information Security policies Experience with or strong conceptual understanding of data protection principles, frameworks and technologies Knowledge of Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) or MS Azure Documentation skills including design diagrams, process flows and content writing Ability to plan & manage work well, high quality assurance and meet required standards & guidelines. Should be familiar with financial institution security procedures and policies especially with data handling & protection. Experience with Agile methodology of project delivery Ability to communicate confidently and professionally Ability to negotiate, influence, and collaborate to build successful relationships Strong time management skills including the ability to handle multiple deliverables concurrently Ability to influence across all organizational levels Advanced knowledge of cybersecurity topics and organizations Job Expectations: Work independently to conduct governance routines on a weekly, monthly or quarterly frequency Proactively retrieve data, conduct accuracy and completeness checks Perform data reduction and processing to narrow large data sets to actionable artifacts Identify security vulnerabilities, perform product mapping, conduct trend analysis, perform risk assessments, and evaluate remediation alternatives Conduct product owner engagement for non-adherence and remediation monitoring Prepare executive ready reports with an emphasis on escalation of critical risk areas Develop and maintain automated workflows for data ingestion, processing, and reporting Develop and maintain documentation for security controls and metrics, governance routines, escalation events, and consequence model Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates. $111,100.00 - $197,500.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. VisitBenefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. • Health benefits • 401(k) Plan • Paid time off • Disability benefits • Life insurance, critical illness insurance, and accident insurance • Parental leave • Critical caregiving leave • Discounts and savings • Commuter benefits • Tuition reimbursement • Scholarships for dependent children • Adoption reimbursement Posting End Date: 27 Apr 2025 • Job posting may come down early due to volume of applicants. We Value Diversity At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Candidates applying to job openings posted in US:All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Applicants with Disabilities To request a medical accommodation during the application or interview process, visitDisability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

Requirements