Job Description

About the role: This position will mentor a team responsible for identifying, formulating and implementing information security policies, procedures, and controls within the Identity and Access Management (IAM) domain. Drives design and implementation of complex and innovative solutions that bring together organizational goals, risk appetite, and control objectives. Using in-depth knowledge of information security and the enterprise, recommends changes to enterprise information security IAM domain policies, standards, procedures, and control requirements. Ensures IAM domain controls are appropriately inventoried, tested and periodically reviewed to ensure control design effectiveness. Recommends compliance and risk management requirements for the IAM domain and works with other stakeholders to implement key risk initiatives, proactively identify and address issues, and escalate where necessary. Engages Information and Cyber Security (ICS), Wells Fargo Technology (WFT), and Wells Fargo lines of business (LOB) management to identify, formulate and implement risk-managed information security solutions. Works with various compliance and regulatory teams internal and external to Wells Fargo to ensure the best possible outcomes.

Each of the above may have functional delivery leaders in place who in turn will report in to the IAM Issues-Compliance-controls Leader. The manager role will have dual reporting line in to the lead of ICS IAM Issues-Compliance-Controls leader in India and to the Leader of Identity & Access Management Compliance-Issues-Controls at the IAM US.

Key Functions:
Provides senior consultative services to stakeholders on new, emerging and/or most complex IAM security and compliance developments, including SOX, SOC-1 and SOC-2, GBLA, and others.
Evaluates and interprets internal and enterprise IAM policies, processes and standards, and influences compliance and control decisions on net new or material changes to IT assets.
Directs information security risk assessment and analysis, and recommends remediation plans and strategies.
Provides strategic leadership in responding to IT audit, compliance, and issue management requirements on behalf of the IAM domain.

:

Lead and Coordinate with stakeholders across lines of businesses for resolution within target timeline.
Review compliance standards and evaluate risks and controls around role management, provisioning and De-provisioning of access, credential enrollment, secrets management, access policy management, authorization policy management, segregation of duties, and management of entitlement metadata
Work associated with the Automated and manual management of roles, entitlements, discretionary access and credentials as part of their respective lifecycles.
Ensure that IAM business practices, compliance policies and procedures comply with Bank requirements and applicable federal and state regulations.
Provide assistance in addressing internal and external compliance audit findings and help prepare responses as needed.
Govern and report on IAM domain projects and participate in periodic reporting
Ensure IAM is aware of all changes and emerging issues related to security, privacy, and regulatory matters.
Stay abreast of federal and state regulatory changes that may have compliance implications and ensure those changes are communicated to and addressed. Keeps abreast of latest information security trends specific to Banking & financial services industry.
Maintains a broad awareness of the state of information security across the enterprise and industry and influences change to information security policy, standards and procedures for systems/applications/tools;
Works in a flexible timing with team cross different locations/countries
Partner with senior stakeholders in the business to influence project outcomes and investments.
Accomplish results by communicating job expectation, planning, monitoring, appraising job results and coaching
Ensure smooth delivery of projects/ operations with strong focus on quality and value creation for the organization/enterprise.

Required Qualifications:
10 years of IT Compliance, Risk, and Controls Management experience with minimum 6 years of experience in IAM, including 7 years of experience with Sarbanes-Oxley IT General Controls
4 years of experience with strategic planning in a technology environment
4 years of experience in project management and reporting in MS excel, MS PowerPoint
2 years of people leadership experience in technology and/or information security
Expertise in information security industry and regulatory standards, policies, procedures and control systems
Excellent leadership, stakeholder management and program management skills.
Effective verbal, presentation, written and interpersonal communication skills.
Good negotiation, conflict resolution and decision making skills.
Bachelors or Masters degree in relevant Technology /Engineering discipline
Industry certification like CISSP, CISM, CRISC or equivalent in good standing for over 1 years

Desired Qualifications:
3 years of IT systems security, business process management, or financial services industry experience
Ability to influence across all organizational levels, particularly senior management
Ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
Ability to identify inefficiencies, opportunities to streamline business processes and implement change
Ability to evaluate impacts based on changes in law/regulations and develop company response
Experience managing large technology development efforts within a major line of business
Education: ME/ M.Tech./ MS (Engg/ Sciences)r r r r r r r Any Graduate
Industry: Financial Services/Stockbroking, Banking

Skills Required