Lead Operational Risk Officer (Vice President) - Information Security, Technology Risk

About this role:

Wells Fargo is seeking a VP - Lead Operational Risk Officer.

In this role, you will:

• Conduct independent risk management assessments, evaluations and identify control expectations with primary focus on information technology, information security.
• Identify operational risk issues and assign risk ratings consistent with established policies and standards.
• Evaluate the adequacy and effectiveness of applicable policies, procedures, processes, systems and internal controls.
• Perform testing coverage gap analysis on policy requirements for risk types aligned to various operational and technology processes.
• Develop, implement, and support an effective control testing operating model to provide transparency, accountability, and escalation of control effectiveness.
• Create and document control evaluations, success criteria and executing controls performance testing as a next step to design effectiveness testing.
• Consult with frontline partners and other independent risk management teams to open issues related to control failures.
• Validate/evaluate appropriateness, completeness, effectiveness, and sustainability of corrective actions taken to address situations defined as issues.
• Review for consistency and thoroughness and suggest improvements for better resiliency.
• Proactively monitor control effectiveness through quantifiable risk measurements.
• Provide mentorship and support as a SME to the team around control framework requirements aligned to technology/information security/third party/business resiliency and disaster recovery control implementation.
• Facilitate stakeholder management and communication across various levels of the organization.
• Prepare and present Risk Assessment reports, status updates and related metrics to the concerned TISRM stakeholders.
• Develop, implement, and monitor risk-based programs to identify, assess, and mitigate any operational risk that arises from inadequate or failed internal processes, people, systems, or external events
• Maintain a balance between risk mitigation and operational efficiency
• Evaluate the adequacy and effectiveness of policies, procedures, processes, systems, and internal controls
• Analyze extremely complex business and system changes to determine impact, identify operational risk issues and participate in the development of risk ratings
• Provide operational risk expertise and consulting to complex business units for initiatives with high risk, generally spanning multiple business lines
• Design and develop the most complex testing strategies, methodologies and analyses
• Consult with the business to develop corrective action plans and effectively manage change
• Identify training opportunities
• Design and coordinate the development of training materials and coordinate or deliver training
• Report findings and develop business cases to influence executive management, management committee member or head of business on the need for controls to mitigate risk
• Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
• Lead project or virtual teams and mentor less experienced staff

Required Qualifications :

• 5+ years of Operational Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• Good experience in risk assessment, control testing/evaluation and issue management on various technology risks, inclusive of but not limited to, information security risk, third party risk, business resiliency and disaster recovery.
• Experience in Operational Risk or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, educationIndustry recognized certification such as CISA / CRISC / CISSP/CISM.
• Good to have working knowledge of COBIT framework with an emphasis on measuring control effectiveness and risk assessments.

Desired Qualifications:

• Advanced Microsoft Office skills.
• Excellent verbal, written and interpersonal communication skills.
• Strong analytical skills with high attention to detail and accuracy.
• Ability to interact with all levels of an organization.
• Ability to present complex material in a digestible, consumable manner to all levels of management.
• Broad knowledge of operational risks including technology risk and the issues faced by financial institutions today.
• Strong knowledge on enterprise risks, i.e. front office and middle office processes/controls would be considered as an added advantage.
• Proven experience with managing technology risk issues.
• Experience developing risk metrics and trending reports.
• Ability to synthesize data from a variety of sources and deliver results quickly.
• Strong organization and detail-oriented skills, with proven ability to manage and prioritize work to meet deadlines despite frequent interruptions.
• Highly proactive, able to work both independently and within a collaborative team oriented environment using sound judgment in decision-making.
• Demonstrated ability to work effectively with virtual and/or geographically dispersed teams.

Posting End Date: 

*Job posting may come down early due to volume of applicants.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.