Wells Fargo - Chandler, AZ
posted about 2 months ago
Full-time - Mid Level
Onsite - Chandler, AZ
Credit Intermediation and Related Activities
About the position
Wells Fargo is seeking a Lead Information Security Analyst to lead the policy governance efforts in Cybersecurity. This role involves formulating and implementing complex Cybersecurity policies and controls, supporting strategic initiatives for policy simplification and modernization, and collaborating with various stakeholders across the organization. The analyst will provide advanced consultation on information security compliance, manage critical information assets, and develop security risk awareness within the organization.
Responsibilities
- Lead a policy governance body to identify, formulate, and implement Cybersecurity policies and procedures.
- Provide advanced information security consultation for compliance policy, risk management, and remediation.
- Direct information security risk assessments and recommend remediation plans.
- Influence stakeholders on changes to assets to impact control decisions.
- Consult on complex security issues and findings, managing critical information assets.
- Evaluate and interpret internal and companywide information security policies and participate in decision-making.
- Advise on the development and delivery of Information Security Education and Awareness.
- Collaborate with peers and managers to resolve issues and achieve goals.
- Coordinate with vendor managers on third-party assets to manage information security risks.
- Mentor less experienced staff and lead complex Cybersecurity policy governance areas.
- Develop and execute Cybersecurity policy governance strategies and annual activities.
- Deliver periodic business and operating reports, identifying risks and issues.
- Build strong relationships with program sponsors and key stakeholders.
- Deliver clear and actionable communication to various levels of the organization.
Requirements
- 5+ years of Information Security Analysis experience or equivalent work experience, training, military experience, or education.
- 3+ years of experience managing cyber policy governance, including drafting policy.
- 4+ years' experience with identity and access management, infrastructure security, cryptography, data loss prevention, or incident response.
- 4+ years' experience in the development and management of complex programs in Cybersecurity or banking operations.
- 4+ years of experience in financial services or a highly regulated industry, with knowledge of the regulatory environment.
- 4+ years experience with change management principles and strategies.
- 4+ years of Technical Writing experience.
- Knowledge of COBIT, FedRamp, FFIEC, ISO, MITRE, NIST, and other key industry frameworks.
- Functional experience across two or more Cybersecurity domains.
Nice-to-haves
- Experience with developing and presenting business management materials to senior management.
- Strong critical thinking skills and attention to detail.
- Advanced proficiency in MS Word, Excel, and PowerPoint.
- Experience with agile methodology and Atlassian products.
- Experience with data aggregation and reporting tools like Tableau.
Benefits
- Diversity and inclusion initiatives
- Drug and alcohol-free workplace
- Accommodations for applicants with disabilities
