Wells Fargo
IT Audit Manager - Executive Director (Cybersecurity)
Wells Fargo, Phila, Pennsylvania, United States, 19117
About this role:
The Enterprise Technology Audit Group - Cybersecurity Audit Team is looking to fill an IT Audit Manager, Executive Director position to support the coverage of Wells Fargo’s core Information Security and Cybersecurity controls (e.g., Cyber Threat Fusion Center, Data Loss Protection, Security Information and Event Management, Cryptographic Services, Patch and Vulnerability Management, Network Security Management, Third Party Information Security Management etc.). We’re building a Cybersecurity Audit function for the future and looking for high-energy talent to join us on our journey! You’ll be part of a team that provides audit coverage of the controls and tools that provide the front line protection for the Bank’s critical systems and data. Given the dynamic nature of the external threat landscape, you’ll be exposed to cutting edge technology and threat management techniques. We’re looking for team members that have a passion for Cybersecurity and a continual thirst for knowledge in this fascinating and critical space! This is an individual contributor role with no direct reports.
In this role, you will:
Lead a team of audit staff to resolve highly complex and unique challenges requiring in depth evaluation across multiple areas or the enterprise, delivering solutions that are long term.
Lead defined audits within one or more segments of the Audit Plan
Ensure audit engagements are risk based, and executed according to Wells Fargo Internal Audit policies and guidance
Assist in planning and organizing work in an annual cycle and project cycle
Provide timely feedback, coaching and monitoring of audit work and staff
Develop and maintain solid business relationships within Wells Fargo Internal Audit and with teams across Wells Fargo, and other stakeholders
Become a subject-matter-expert in various integrated and application auditing disciplines so that you can be viewed as a trusted advisor on risks in these areas to management and audit leadership.
Maintain an ongoing knowledge of the people, processes and tools that interact in this area so that you can keep the big picture in mind as you design your work approach and structure your opinions.
Lead audit execution teams with integrity and creating an environment where team members feel included, valued, and supported to do work that energizes them.
Accomplish management responsibilities to provide day-to-day oversight of audit execution including designing the scope and approach for information and cyber security audits, providing ongoing coaching and feedback for audit team members, identifying and managing risks, and completing daily management tasks
.
Required Qualifications:
7+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Desired Qualifications:
7+ years of increasing responsibilities within IT audit, including experience leading and supervising audits (external and/or internal), preferably in the financial services sector
Proficiency with MITRE ATT&CK Framework. Applicants must have over 3-5 years of experience working with the MITRE ATT&CK framework. A strong grasp of its application in identifying, assessing, and mitigating cyber threats based on real-world observations is essential.
Demonstrate expertise in managing and evaluating cloud security, with a strong proficiency in leading identity and access management (IAM) assessments and audits.
Strong data analytical skills are crucial. Candidates should be adept at interpreting complex data sets, identifying trends, and deriving meaningful insights to enhance threat detection and response capabilities.
Knowledge of IT and Cloud management and control frameworks
Experience working in a highly formal audit environment, including preparation of formal test of design and test of effectiveness work-papers, sample selection through use of formal sample selection tools, process and control flow-charting, and audit methodology compliance
Experience at a financial institution or accounting firm
A BS/BA degree or higher
Solid knowledge and understanding of audit or risk methodologies and supporting tools
Strong understanding of financial regulatory environment
Certification in one or more of the following: CISSP, CEH, Azure & CIAM
Experience leading and providing feedback to staff on audit projects or engagements
Experience with Issue Validation and Remediation
Ability to effectively communicate complex security concepts to stakeholders at all levels
Job Expectations:
Ability to travel up to 10% of the time
Position does not provide sponsorship
Pay Range
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.
$144,400.00 - $300,000.00
Benefits
Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs (https://www.wellsfargojobs.com/en/life-at-wells-fargo/benefits) for an overview of the following benefit plans and programs offered to employees.
Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement
Posting End Date:
23 Nov 2024
*****
Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo (https://www.wellsfargojobs.com/en/diversity/disability-inclusion/) .
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy (https://www.wellsfargojobs.com/en/wells-fargo-drug-and-alcohol-policy) to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
Req Number:
R-415617
The Enterprise Technology Audit Group - Cybersecurity Audit Team is looking to fill an IT Audit Manager, Executive Director position to support the coverage of Wells Fargo’s core Information Security and Cybersecurity controls (e.g., Cyber Threat Fusion Center, Data Loss Protection, Security Information and Event Management, Cryptographic Services, Patch and Vulnerability Management, Network Security Management, Third Party Information Security Management etc.). We’re building a Cybersecurity Audit function for the future and looking for high-energy talent to join us on our journey! You’ll be part of a team that provides audit coverage of the controls and tools that provide the front line protection for the Bank’s critical systems and data. Given the dynamic nature of the external threat landscape, you’ll be exposed to cutting edge technology and threat management techniques. We’re looking for team members that have a passion for Cybersecurity and a continual thirst for knowledge in this fascinating and critical space! This is an individual contributor role with no direct reports.
In this role, you will:
Lead a team of audit staff to resolve highly complex and unique challenges requiring in depth evaluation across multiple areas or the enterprise, delivering solutions that are long term.
Lead defined audits within one or more segments of the Audit Plan
Ensure audit engagements are risk based, and executed according to Wells Fargo Internal Audit policies and guidance
Assist in planning and organizing work in an annual cycle and project cycle
Provide timely feedback, coaching and monitoring of audit work and staff
Develop and maintain solid business relationships within Wells Fargo Internal Audit and with teams across Wells Fargo, and other stakeholders
Become a subject-matter-expert in various integrated and application auditing disciplines so that you can be viewed as a trusted advisor on risks in these areas to management and audit leadership.
Maintain an ongoing knowledge of the people, processes and tools that interact in this area so that you can keep the big picture in mind as you design your work approach and structure your opinions.
Lead audit execution teams with integrity and creating an environment where team members feel included, valued, and supported to do work that energizes them.
Accomplish management responsibilities to provide day-to-day oversight of audit execution including designing the scope and approach for information and cyber security audits, providing ongoing coaching and feedback for audit team members, identifying and managing risks, and completing daily management tasks
.
Required Qualifications:
7+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Desired Qualifications:
7+ years of increasing responsibilities within IT audit, including experience leading and supervising audits (external and/or internal), preferably in the financial services sector
Proficiency with MITRE ATT&CK Framework. Applicants must have over 3-5 years of experience working with the MITRE ATT&CK framework. A strong grasp of its application in identifying, assessing, and mitigating cyber threats based on real-world observations is essential.
Demonstrate expertise in managing and evaluating cloud security, with a strong proficiency in leading identity and access management (IAM) assessments and audits.
Strong data analytical skills are crucial. Candidates should be adept at interpreting complex data sets, identifying trends, and deriving meaningful insights to enhance threat detection and response capabilities.
Knowledge of IT and Cloud management and control frameworks
Experience working in a highly formal audit environment, including preparation of formal test of design and test of effectiveness work-papers, sample selection through use of formal sample selection tools, process and control flow-charting, and audit methodology compliance
Experience at a financial institution or accounting firm
A BS/BA degree or higher
Solid knowledge and understanding of audit or risk methodologies and supporting tools
Strong understanding of financial regulatory environment
Certification in one or more of the following: CISSP, CEH, Azure & CIAM
Experience leading and providing feedback to staff on audit projects or engagements
Experience with Issue Validation and Remediation
Ability to effectively communicate complex security concepts to stakeholders at all levels
Job Expectations:
Ability to travel up to 10% of the time
Position does not provide sponsorship
Pay Range
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.
$144,400.00 - $300,000.00
Benefits
Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs (https://www.wellsfargojobs.com/en/life-at-wells-fargo/benefits) for an overview of the following benefit plans and programs offered to employees.
Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement
Posting End Date:
23 Nov 2024
*****
Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo (https://www.wellsfargojobs.com/en/diversity/disability-inclusion/) .
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy (https://www.wellsfargojobs.com/en/wells-fargo-drug-and-alcohol-policy) to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
Req Number:
R-415617