Lead Information Security Analyst - Data Analytics and Vulnerabilities
Apply NowCompany: Wells Fargo
Location: Dallas, TX 75217
Description:
Wells Fargo is seeking a Lead Information Security Analyst to join an exciting and fast-paced team driving the effort to protect our customers and companies most critical data. In this critical role, you will explore advanced technology to implement modernized ways of working that drive down risk and increase efficiency.
This is a hybrid role at Wells Fargo.
There is no Visa sponsorship or Visa Transfers.
The req is seated in the location posted on the req.
About this role:
This role will provide technical leadership and be an individual contributor to teams that obtain and analyze data, develop reporting for senior leadership, and conduct governance of critical vulnerabilities and deficiencies across the enterprise. The ideal candidate will have demonstrated experience in the design and implementation of vulnerability management or governance, risk and compliance programs. The ideal candidate will also have demonstrated experience in automated processes including advanced data analytics, visualization, dashboards and remediation monitoring. This role is one part data analytics, one part vulnerability management and one part risk management.
In this role, you will:
Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
Direct information security risk assessment and research, and recommend remediation plans and strategies
Perform Governance, Risk and Compliance to identify and prioritize key risk areas, monitor remediation and escalation critical risks to senior management
Conduct user engagement on identified areas of policy non-adherence, report and advise on moderately complex remediation or mitigation plans
Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
Review and correlate technical data to include scanning reports, key and certificate management reports, security logs
Analyze identified vulnerabilities, assess their potential impact, and prioritize remediation efforts based on risk levels
Contribute to the development and maintenance of security policies and procedures related to information protection, information classification, encryption and digital certificates
Develop detailed process documentation and BAU artifact generation for security controls and metrics, governance routines, escalation events, and consequence model
Required Qualifications:
5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
4+ years in a vulnerability management or governance, risk and compliance role, identifying and prioritizing areas of policy non-adherence, report development, remediation monitoring and escalation to senior management
Strong skills in analysis of information security monitoring data from industry leading tools (e.g. Qualys, Tanium, etc.)
Strong skills in data Extract, Transform, Load (ETL) to include automation of data ingestion, data reduction, data processing, data visualization.
Knowledge of data automation through industry leading tools (MS Power Apps, Tableau, Alteryx, etc.)
Desired Qualifications:
IT Security certification (CISSP, CRISC, GIAC, Cloud, etc)
Demonstrated expertise of Governance, Risk and Compliance principles for monitoring adherence to Information Security policies
Experience with or strong conceptual understanding of data protection principles, frameworks and technologies
Knowledge of Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) or MS Azure
Documentation skills including design diagrams, process flows and content writing
Ability to plan & manage work well, high quality assurance and meet required standards & guidelines.
Should be familiar with financial institution security procedures and policies especially with data handling & protection.
Experience with Agile methodology of project delivery
Ability to communicate confidently and professionally
Ability to negotiate, influence, and collaborate to build successful relationships
Strong time management skills including the ability to handle multiple deliverables concurrently
Ability to influence across all organizational levels
Advanced knowledge of cybersecurity topics and organizations
Job Expectations:
Work independently to conduct governance routines on a weekly, monthly or quarterly frequency
Proactively retrieve data, conduct accuracy and completeness checks
Perform data reduction and processing to narrow large data sets to actionable artifacts
Identify security vulnerabilities, perform product mapping, conduct trend analysis, perform risk assessments, and evaluate remediation alternatives
Conduct product owner engagement for non-adherence and remediation monitoring
Prepare executive ready reports with an emphasis on escalation of critical risk areas
Develop and maintain automated workflows for data ingestion, processing, and reporting
Develop and maintain documentation for security controls and metrics, governance routines, escalation events, and consequence model
Pay Range
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.
$111,100.00 - $197,500.00
Benefits
Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees.
Posting End Date:
27 Apr 2025
*Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
This is a hybrid role at Wells Fargo.
There is no Visa sponsorship or Visa Transfers.
The req is seated in the location posted on the req.
About this role:
This role will provide technical leadership and be an individual contributor to teams that obtain and analyze data, develop reporting for senior leadership, and conduct governance of critical vulnerabilities and deficiencies across the enterprise. The ideal candidate will have demonstrated experience in the design and implementation of vulnerability management or governance, risk and compliance programs. The ideal candidate will also have demonstrated experience in automated processes including advanced data analytics, visualization, dashboards and remediation monitoring. This role is one part data analytics, one part vulnerability management and one part risk management.
In this role, you will:
Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
Direct information security risk assessment and research, and recommend remediation plans and strategies
Perform Governance, Risk and Compliance to identify and prioritize key risk areas, monitor remediation and escalation critical risks to senior management
Conduct user engagement on identified areas of policy non-adherence, report and advise on moderately complex remediation or mitigation plans
Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
Review and correlate technical data to include scanning reports, key and certificate management reports, security logs
Analyze identified vulnerabilities, assess their potential impact, and prioritize remediation efforts based on risk levels
Contribute to the development and maintenance of security policies and procedures related to information protection, information classification, encryption and digital certificates
Develop detailed process documentation and BAU artifact generation for security controls and metrics, governance routines, escalation events, and consequence model
Required Qualifications:
5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
4+ years in a vulnerability management or governance, risk and compliance role, identifying and prioritizing areas of policy non-adherence, report development, remediation monitoring and escalation to senior management
Strong skills in analysis of information security monitoring data from industry leading tools (e.g. Qualys, Tanium, etc.)
Strong skills in data Extract, Transform, Load (ETL) to include automation of data ingestion, data reduction, data processing, data visualization.
Knowledge of data automation through industry leading tools (MS Power Apps, Tableau, Alteryx, etc.)
Desired Qualifications:
IT Security certification (CISSP, CRISC, GIAC, Cloud, etc)
Demonstrated expertise of Governance, Risk and Compliance principles for monitoring adherence to Information Security policies
Experience with or strong conceptual understanding of data protection principles, frameworks and technologies
Knowledge of Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) or MS Azure
Documentation skills including design diagrams, process flows and content writing
Ability to plan & manage work well, high quality assurance and meet required standards & guidelines.
Should be familiar with financial institution security procedures and policies especially with data handling & protection.
Experience with Agile methodology of project delivery
Ability to communicate confidently and professionally
Ability to negotiate, influence, and collaborate to build successful relationships
Strong time management skills including the ability to handle multiple deliverables concurrently
Ability to influence across all organizational levels
Advanced knowledge of cybersecurity topics and organizations
Job Expectations:
Work independently to conduct governance routines on a weekly, monthly or quarterly frequency
Proactively retrieve data, conduct accuracy and completeness checks
Perform data reduction and processing to narrow large data sets to actionable artifacts
Identify security vulnerabilities, perform product mapping, conduct trend analysis, perform risk assessments, and evaluate remediation alternatives
Conduct product owner engagement for non-adherence and remediation monitoring
Prepare executive ready reports with an emphasis on escalation of critical risk areas
Develop and maintain automated workflows for data ingestion, processing, and reporting
Develop and maintain documentation for security controls and metrics, governance routines, escalation events, and consequence model
Pay Range
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.
$111,100.00 - $197,500.00
Benefits
Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees.
- Health benefits
- 401(k) Plan
- Paid time off
- Disability benefits
- Life insurance, critical illness insurance, and accident insurance
- Parental leave
- Critical caregiving leave
- Discounts and savings
- Commuter benefits
- Tuition reimbursement
- Scholarships for dependent children
- Adoption reimbursement
Posting End Date:
27 Apr 2025
*Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.