About Wells Fargo

Market Job Description

• Design meaningful metrics and monitoring of key risks and controls, and develop reporting for operations, control and business leaders, and Enterprise Risk Programs such as Risk Control Self-Assessment (RCSA) or Risk Appetite.
• Supervise and oversight the Risk Management Activities.
• Keep senior leaders in Operations, COO, Enterprise Functions Technology (EFT) Divisional Control, and other key stakeholders abreast of operational support risks, operational process and control health, and similar infrastructure and capacity concerns affecting EFT.
• Continuously engage in discussions with the EFT COO Functions, Business partners and Operations supporting EFT on opportunities to improve end-to-end processes and controls, new product or services strategies, new/modified markets, systems, products and services, to determine impact, identify, and remediate operational risk issues across EFT.
• Provide reporting, written and verbal updates to risk oversight councils, EFT and Enterprise risk committees as issues/incidents arise that require escalation.
• Develop business cases to influence control owners and business sponsors on the need for additional or improved controls to mitigate risk as applicable.
• Establish regular routines with corporate risk, testing & validation and audit partners to provide transparency into business risk profiles and trend.
• Collaborate with the line of business to help manage Audit, IRM and Regulator engagements, reviewing submissions where necessary.
• Lead or assist in regulatory risk related projects as needed

Market Skills and Certifications

• University degree in Business or related discipline.
• Experience of 14 years overall with a minimum of 12 years relevant experience in a multinational financial institution or similar.
• One or more certifications like CRISC, CISA, CISM, CGEIT, and CISSP.

• Working knowledge of the Risk Management Framework (RMF) concepts and policies across risk types (regulatory, financial crimes, credit, operational, etc.) and quantify risk (financial impact to organization, risk exposure levels).
• Ability to identify risk and controls, to create remediation plans, remediation success criteria and control documentation.
• Knowledge and experience in Policy Management, third party risk, BCP, SDLC, Availability Management, Configuration Management, Access Control, Segregation of Duties, vulnerability management, and other domains in technology and information security to serve as a SME.
• Understanding of audit lifecycle and methodology.
• Ability to lead project execution by creating project plans, tracking action items and deliverables, and reporting to showcase progress, risks and issues.
• Excellent communication skills (verbal, written and interpersonal); ability to concisely articulate complex concepts in a clear manner. Strong analytical skills with high attention to detail and accuracy.
• Ability to translate technical language into plain business language, and to translate business requirements into technology initiatives.
• Demonstrated capability to confidently raise issues, escalate early, and engage in constructive credible challenge independently.
• Technical understanding of specific business operations, processes, products, and customer interactions where they manifest risk.
• Demonstrated capacity to pro-actively and independently analyze and solve problems and address risks. Take accountability of timely submission of deliverables and critical thinking.

We Value Diversity