Job
Description
About this role: Wells Fargo is seeking an Audit Manager. Audit is a provider of independent, objective assurance services delivered through a highly competent and diverse team. As a business partner, Audit helps the company accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. About Enterprise Technology Audit Group: The Enterprise Technology Audit Group (ETAG) conducts and coordinates audits of information technology and information security, primarily focused on the Wells Fargo Technology (WFT) organization, the Independent Risk Management (IRM) Technology, and the Third Party and information Risk Oversight (TPIRO) group. ETAG is broken out into the following sub-teams : Chief Information Office (CIO) - CSBB Technology, Consumer & Small Business Banking, Consumer Lending Technology, Digital & Innovation Technology, Enterprise Functions Technology, Financial Crimes & Enterprise Data Technology, WIM Technology Chief Technology Office (CTO) - Cloud Platforms, CIO Development, Change Enablement, Middleware Information Security - Access Management, NIST Assessment, Cybersecurity Defense Monitoring, Information Protection, Third Party Risk Infrastructure & Technology Recovery - Technology Continuity & Resiliency, Technology Infrastructure Technology Governance - IT Governance, Risk Management, Compliance Strategy & Digital, & Innovation Group (SDI) - Corporate Strategic Planning, Digital Platform, Innovation Group In this role, you will: Lead execution of the integrated audit process Participate in audits in accordance with Wells Fargo Audit Services policy Demonstrate depth and breadth of knowledge and understanding across multiple businesses or develop knowledge in a critical subject matter area Demonstrate comprehensive knowledge and understanding of the financial, operational, technical, and regulatory environment across multiple businesses or develop excellent subject matter knowledge in critical areas of the business Write opinions reflecting relevant facts that lead to logical conclusions Escalate significant risks and loss exposures to appropriate levels of management Ensure documentation and reporting are ready for review by managers and more experienced managers Demonstrate credible challenge Evaluate and provide appropriate solutions for complex problems Lead multiple concurrent projects that are generally moderate to large in size and moderate to high in complexity Identify and assess key risks and controls and develop effective test plans for engagements as assigned with limited guidance Present audit results in an objective and unbiased manner Exhibit appropriate judgment regarding issue notification, issue draft findings to client management, and draft final audit reports Develop and maintain excellent business relationships within Internal Audit and with teams companywide Required Qualifications: 5+ years of Audit, Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications : 5+ years of work experience in Technology Governance, Risk Management and Compliance (GRC) or IT Security with at least 5 years in Technology Audit. A professional with auditing, security, or accounting designation e.g., CISA, CISSP, CPA, CA, CIA, CCNA, CISM, CRSIC or to have substantially completed the requirements for such a designation while actively pursuing the completion of such a designation. Background of Technology Audit within international financial service organizations. Lead execution of the integrated audit process Participate in audits in accordance with Wells Fargo Internal Audit policy Demonstrate depth and breadth of knowledge and understanding across multiple businesses or develop knowledge in a critical subject matter area Demonstrate comprehensive knowledge and understanding of the financial, operational, technical, and regulatory environment across multiple businesses or develop excellent subject matter knowledge in critical areas of the business Write opinions reflecting relevant facts that lead to logical conclusions Escalate significant risks and loss exposures to appropriate levels of management Ensure documentation and reporting are ready for review by managers and more experienced managers Demonstrate credible challenge Evaluate and provide appropriate solutions for complex problems Lead multiple concurrent projects that are generally moderate to large in size and moderate to high in complexity Identify and assess key risks and controls and develop effective test plans for engagements as assigned with limited guidance Present audit results in an objective and unbiased manner Exhibit appropriate judgment regarding issue notification, issue draft findings to client management, and draft final audit reports Develop and maintain excellent business relationships within Internal Audit and with teams companywide Job Expectations: Experience in general Information Technology control reviews as well as application control reviews. Strong knowledge of and experience in medium to large-scale application reviews and system development projects, and ability to perform reviews on various platforms (e.g., Unix, Windows, iSeries, z/OS, SQL DB, Oracle DB, network devices, middleware, cloud). Good understanding of technology processes (e.g. change management, security operations, technology operations, business resiliency, etc.), application and infrastructure controls. Good knowledge of system development methodologies, information security controls, access management, technology governance and risk management. Knowledge of information security management frameworks (e.g. COBIT, ISO 2700x, ITIL, NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls, Vulnerability and Penetration testing). Solid knowledge and understanding of audit methodologies and tools that support audit processes. Knowledge of IT and Cloud management and control frameworks Experience with Issue Validation and Remediation Excellent verbal, written, and interpersonal communication skills. Strong organizational, multitasking, and prioritizing skills. Ability to work independently and as part of a team, be flexible. Ability to execute in a fast-paced demanding environment while balancing multiple priorities. Problem solving attitude. Good analytical skills with high attention to detail. Ability to work with minimal supervision and exercise independent judgment consistent with department guidelines.
