About this role:

Wells Fargo is seeking a Lead Information Security Analyst. This resource will lead a policy governance body of work to identify, formulate, and implement complex Cybersecurity policies, procedures, and controls for Cybersecurity. In so doing, this resource will support execution of the 2024 strategic initiative to implement Policy Simplification across all Cybersecurity policy stacks (and Policy Modernization in 2025) while partnering and influencing across the Cybersecurity policy stakeholder community, including Cybersecurity technical domains, Business Information Security Officers (BISO), Chief Information Officers, front line risk management, and the Enterprise Policy Office.

In this role, you will:

• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Influence stakeholders on net new or on material changes to an asset to influence control decisions
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Act as more experienced lead to the organization to develop security risk awareness and mitigating actions
• Consult the organization on complex security issues and findings
• Manage the most complex and critical information assets
• Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security
• Serve as information security lead to advise on the development and delivery of Information Security Education and Awareness
• Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals
• Lead projects and teams
• Coordinate with vendor manager on third party assets to manage information security risks
• Serve as a mentor to less experienced staff
• Lead one or more complex Cybersecurity policy governance areas
• Align policy area scope and deliverables to strategic and transformational goals
• Develop and evolve Cybersecurity policy governance program strategy to scale with Cybersecurity organizational growth
• Develop and execute Cybersecurity policy governance annual activities considering inputs across Cybersecurity domain functions and key stakeholder groups
• Plan and coordinate with PGO teammates to support on-time delivery of deliverables across all programs
• Drive the successful completion of programs to achieve business goals, including timely identification, escalation, and remediation of risks and issues that impact program execution and delivery
• Enhance and maintain knowledge of Wells Fargo's expectations for program and change management, including policies, processes, procedures and tools for program delivery
• Maintain and employ knowledge of industry best practices for program and change management, including agile methodology
• Deliver periodic business and operating reports, including identification and remediation of execution or other risks and issues, retrospective reviews, and lessons learned
• Build strong relationships with program sponsors, business partners, and key stakeholders
• Coordinate, facilitate, negotiate, and influence cross-functional macro-level topics with key stakeholders and senior management
• Deliver clear, concise, and actionable communication to various levels of organization on a timely basis to ensure effective understanding, decision-making, and execution

• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

• 3+ years of experience managing cyber policy governance, including drafting policy; or 3+ years of cyber governance is highly desired
• 4+ years' experience with identity and access management, infrastructure security, cryptography, certificate and key management, data loss prevention, information protection, cloud governance, or incident response
• 4+ years' experience in the development and management of complex programs spanning multiple technology, Cybersecurity, or large banking operations
• 4+ years of experience in financial services or other highly regulated industry; knowledge of the financial services regulatory environment
• 4+ years experience change management principles (e.g., ADKAR) and developing and implementing change management strategies
• 4+ years of Technical Writing experience
• Knowledge of COBIT, FedRamp, FFIEC, ISO, MITRE, NIST, CRI and other key industry frameworks and authoritative sources
• Functional experience across two or more Cybersecurity domains (e.g., infrastructure security, cryptography, identity and access management, data loss prevention)
• Experience with developing and presenting business management materials to senior management and governance committees
• Strong critical thinking skills, consistent attention to detail, and ability to meet deadlines amidst competing priorities
• Advanced level leadership, communication, relationship building, negotiating, and influencing skills
• Advanced proficiency in MS Word, Excel, and PowerPoint
• Experience with agile methodology and Atlassian suite of products (e.g., Confluence, Jira)
• Experience with data aggregation and reporting tools (e.g., Tableau)

• This is not a remote position. Candidates are required to work in the office three (3) days per week at the specified location
• Wells Fargo cannot consider individuals for this role who will require immigration assistance either now or in the future