Wells Fargo & Company (NYSE: WFC) is a leading global financial services company headquartered in San Francisco (United States). Wells Fargo has offices in over 30 countries and territories. Our business outside of the U.S. mostly focuses on providing banking services for large corporate, government and financial institution clients. We have worldwide expertise and services to help our customers improve earnings, manage risk, and develop opportunities in the global marketplace. Our global reach offers many opportunities for you to develop a career with Wells Fargo. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Market Job Description
Oversight of Technology and Information Security as part of the 'Technology Third Party and Information Risk Management Oversight' team (TTIRO) - Experienced Independent Risk Management Officer in the 2nd Line of Defence with a focus in Technology and Information Security who represents the APAC region in the oversight of Wells Fargo Technology (WFT – Tech and Info Sec).
The Information Security Independent Risk Management (IRM) Oversight team is responsible for developing, implementing and performing Independent Risk Management reviews and credible challenge for the Wells Fargo information security risk-based program
This position will support the Information Security Oversight function focusing their oversight at the Region, Country and Legal Entity level and executing the IRM function of the risk management framework
They will coordinate review and challenge of all regulatory responses and interactions related to Information Security ensuring that the responses provide are appropriate for the legal entity that is responding and that the associated evidence would be able to be produced by EIS Front Line
This position will also be responsible to deliver the IRM functions as defined in the risk management framework covering Information Security and evidence that responsibilities are carried out with the TTIRO process and procedures with legal entity specific evidence.
As part of managing these processes, this position would maintain awareness of frameworks and guidance such as China Cyber Security, HKMA Regulations, Singapore MAS Cyber Security Guidelines, FFIEC, GLBA 501(b), regional regulatory requirements related to Operational Risk / Cyber and Information Security.
Provide oversight over adherence to any applicable Wells Fargo information security policies, controls, and programs to help ensure successful Information security Independent Risk Management Oversight and program effectiveness.
The role would partake from an IRM function in the review and challenge of scenario analysis to support the ICAAP and ILAAP requirements for the various legal entities (Same as CCAR – for International)
Provide formal monitoring of RAS metrics, associated KRI's developing an effective independent review and challenge process of the reporting produced by the front line
Responsible for providing an independent view of risk to the IRM governance functions such as Board / Regional Risk Committees for APAC through the Head of TTIRO / Head of Ops Risk
The ability to review and challenge the enterprise on behalf of the legal entity / region / country
Ensure that the front line is providing the regional business partners with appropriate level of transparency for enterprise solutions that could potentially impact their operational abilities (i.e., impact of network isolation)
Be able to use risk intelligence to identify control weaknesses and working with TTIRO domain partners support the effective writing of PoV's, Credible Challenges and SHRP Memos to influence change and improvements to enterprise processes that impact International
Providing periodic Independent Risk Management risk assessment, gap analysis reviews, and credible challenge efforts for regional information security and cyber security risk matters
Oversee and support the effective execution of all IRM responsibilities as defined in the Risk Management Framework in accordance with TTIRO processes and procedures
Be able to deliver a risk profile for the legal entities that shows the disaggregated view of risk to the degree possible in the shared services environment must be able to layer the risk posture of the enterprise with any legal entity / region / country specific relevant risks
Market Skills and Certifications
6+ years of IT systems security, cyber security, risk management, preferably within financial services industry, of which 3+ years must include direct experience in compliance, information security risk management, operational risk management, or a combination
Experience with APAC regulatory expectations related to Information Security and Cyber Security in key APAC Countries – HKMA, Singapore MAS, Japan FSA, Chinese Regulators etc.
Knowledge and understanding of information security risk assessment or audit
Knowledge of platform technologies including network, distributed systems, desktop computing, voice, and threat management technologies
Knowledge of Information Security Frameworks and standards (FFIEC, NIST, ISO)
Knowledge, skills and understanding of oversight of internal outsourcing arrangements
Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats
Working in a large multi-national with a US parent and licensed legal entities internationally
Experience with regulatory communications, reporting, exam processes
Experience in regulatory expectations related to Cyber / Info Sec oversight, related rules, laws and guidelines for firms that operate in EU and UK
At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.
Internal Number: 49304BR
About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,400 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 260,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
www.wellsfargo.com | Twitter: @WellsFargo