Job Directory Wells Fargo Operational Risk Consultant 4
Wells Fargo

Operational Risk Consultant 4 Wells Fargo
San Francisco, CA

Wells Fargo is a banking and financial services holding company.

Companies like Wells Fargo
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About Wells Fargo

Job Description

Job Description

At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.

Wells Fargo Enterprise Information Security (EIS) is seeking a senior level Operational Risk Consultant to provide consulting and risk analysis on all of their Internet/Mobile and Contact Center phone banking platforms in support of WFVC. The Enterprise Information Security group provides security planning and security strategy to the WFVC Internet/Mobile, Contact Center business, and Technology groups supporting and phone banking. WFVC is the driving creative and technical force behind WFVC helps customers realize their financial needs by delivering the world's most innovative e- banking and e-commerce services, capabilities and alliances.

Wells Fargo Virtual Channels (WFVC) serves Wells Fargo consumer and small business customers through various channels - digital (online, mobile, and social) and contact center (phone, email, and correspondence). WFVC's vision is to pioneer the next generation of financial services and provide the best virtual experiences, anytime, anyhow, and anywhere. Over 32 million customers use our digital channels to manage their financial lives, and our customer- facing contact centers support approximately 450 million customer contacts annually. Whether our customers connect with us online or by phone, email, or in writing, WFVC is positioned to satisfy our customers' financial needs 24 hours a day, 7 days a week.

This is an exciting opportunity to work with the team, analyzing security needs for WFVC platforms, applications and other security processes. This is also an opportunity to get exposure to leading-edge technologies in the mobile and social media platforms.

Specific Responsibilities:

* Develops and implements risk-based programs to identify, assess and mitigate operational risk associated with inadequate or failed internal processes or controls, people, systems or external events - while maintaining balance appropriate to risk mitigation against operational efficiency
* Works with WFVC business units, infrastructure and development to provide information security risk expertise and consulting for projects and initiatives
* Provide systems security consulting on complex issues
* Evaluates the adequacy and effectiveness of policies, procedures, processes, systems and internal controls; analyzes business and/or system changes to determine impact, identifies and assesses operational risk issues and assigns risk ratings consistent with established policy standards
* Consults on secure architectural design. Design and develop testing strategies, methodologies, and analyses
* Participates in the risk assessment process and identifies security and operational risk issues of 3rd party vendor environment and services used by the business
* Consults with the business to develop corrective action plans and effectively manage change
* Reports findings and develops business cases to influence senior management on the need for controls to mitigate risk
* Articulates risk and complex technical issues to enable WFVC to understand and accept Information Security risks
* Works across WFVC and with LOB partners to ensure that risk is properly analyzed and captured and works toward effective mitigation and control programs
* Interfaces with the Line of Business and Enterprise Information Technology (EIT) group
* Identify training opportunities; design/coordinate the development of training materials; deliver or coordinate training courses
* Provide guidance to less experienced consultants

Preferred Locations: 401 S. Tryon St, Charlotte, NC; 333 Market St, San Francisco, CA; Others locations may be considered including telecommute.

Required Qualifications

* 6+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both; or 6+ years of IT systems security, business process management or financial services industry experience, of which 3+ years must include direct experience in compliance, operational risk management, or a combination of both
* 4+ years of information security experience

Desired Qualifications

* Advanced Microsoft Office skills
* Excellent verbal, written, and interpersonal communication skills
* Strong analytical skills with high attention to detail and accuracy
* Ability to interact with all levels of an organization
* Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
* Experience evaluating security risks related to mobile devices, tablets, and social media
* Experience preparing security risk assessments for Wells Fargo business and 3rd party service providers
* Knowledge and understanding of application security planning and security architecture
* Knowledge and understanding of security technologies and concepts including identity management, single sign on, directory services, role based access control, cryptographic algorithms, mutual authentication and certificate management
* Knowledge and understanding of Wells Fargo risk platforms, such as Security Planning & Assessment of Risks/Controls (SPARC), Configuration Management Database (CMDB), Information Services Application Inventory (ISAI), Vendor Management System of Record (VSMOR), Third Party Information Management Systems (TRIMS), Control Review Assessment System Plus (CRAS+), or Centralized Issue and Corrective Action Tracking (CICAT)
* Ability to articulate issues, risks, and proposed solutions to various levels of staff and management
* Knowledge and understanding of TCP/ IP (Transmission Control Protocol/Internet Protocol)
* Information Security Tools Development Unix and Windows experience
* Knowledge and understanding of internet, mobile, and tablet technology
* Knowledge and understanding of application development in a banking environment
* Ability to identify and evaluate trends, isolate root cause, and provide swift/thorough resolution
* Experience consulting with internal clients and business
* Ability to work independently
* Ability to work and influence successfully within a matrix environment and build effective business partnerships with all levels of team members
* Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
* Certified Information Systems Security Professional (CISSP)

Other Desired Qualifications

* Exposure and knowledge of assessing and securing customer e-banking applications, mobile/tablets, web sites, large-scale DBMS, multi-tiered architectures, Internet technologies (e.g., HTML, HTTP, JavaScript, Java, etc.), software development cycles including Agile methodology, code vulnerabilities, cryptographic controls, and operational processes
* Previous experience in preparing security risk assessments at Wells Fargo
* Previous experience in integrating cryptographic controls in application system designs
* Advanced SharePoint expertise to include development of tools and reporting utilizing the SharePoint and Microsoft Office tools
* Advanced Microsoft Office (Word, Excel, Outlook and PowerPoint) skills
* Experience developing formal reporting mechanisms or other Business Intelligence software

Street Address

NC-Charlotte: 401 S Tryon St - Charlotte, NC

CA-SF-Financial District: 333 Market St - San Francisco, CA


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

About Wells Fargo

Wells Fargo is a banking and financial services holding company.

Wells Fargo
10001 employees
Wells Fargo

420 montgomery street

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.