Info Security Asssoc Manager
Information and Cyber Security (ICS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, ICS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws
About the Role
The Information and Cyber Security (ICS) organization has an opening for an Information Security Associate Manager position in IAM Facilitation & RBAC Operations, to manage a team of Role & Application Analysts supporting internal lines of business including Wholesale, Treasury Management and Wealth Management.The Manager will be responsible for continued operationalization of established role-based access methods and processes, while striving for improved efficiency and productivity within the team. The Manager will be expected to develop new insights into situations and apply innovative solutions to problems; designing new operational and risk mitigation methods where needed. Additionally he/she will participate in initiatives to implement newly created Enterprise RBAC/ABAC/PBAC tools and processes.
Develop SME knowledge with self and team for Enterprise RBAC, ABAC and PBAC initiatives; demonstrate ability to present these concepts to supported business partners and explain applicability to their business and access needs
Guide the business in building effective role profiles, avoiding role proliferation and SoD violations
Provide operational risk expertise and consulting for projects and initiatives at the EAM and Business level
Develop and maintain partnerships with internal and business partners; demonstrate effective negotiation skills; address questions and concerns, adapting arguments as needed
Maintain regular dialogue with EAM, Technology and Line of Business contacts, understanding upcoming initiatives, current production issues, etc. that translate into necessary updates to the business or application roles
Facilitate the development of technical/business requirements for tool enhancements such as BOTS and SIMBA; insure enhancements support improved efficiency and do not introduce complexity into the work environment
Participate in UAT testing for internal tool development, as well as the roll out of enterprise-wide role based access controls
Manage work group processes, facilitating cooperation, trust, and group identity and fostering commitment
Provide guidance, direction, and purpose for direct and indirect reports to achieve the work needed to drive the business
Work with Team Lead to maintain system of checks and balances to monitor work of self and others
Work with Team Lead to develop procedures to monitor process, progress and results
Hold team members accountable for accomplishing commitments/goals
Identify opportunities to improve own processes and levels of service
Quickly take action to correct mistakes or flaws in process or service once discovered
Establish comprehensive metrics and consistent review schedule to improve work
Formulate effective long-range objectives and strategies consistent with business and competitive strategy
Anticipates short-term and long-range consequences and trends and incorporates into strategic planning that may affect a large department, business unit or organization
Market Skills and Certifications
Bachelor’s Degree in Engineering preferably in Information Technology or Computer Science
11+ years of technology/information security experience with minimum 8 years of Information Security/IAM and 4+ year of leadership or supervisory experience.
Expertise in leading Identity and Access Management (IAM) managed services delivery or operations.
Understanding of Role Based Access Control (RBAC) methodology
Understanding on IAM policies and controls/SOX controls/Information Security Controls
Excellent leadership, stakeholder management and program management skills.
Effective verbal, presentation, written and interpersonal communication skills.
Good negotiation, conflict resolution and decision making skills.
Flexible to work additional hours, as needed.
Industry certification like CISSP, CISM, CRISC in good standing for over 1 years
Experience managing a technology infrastructure function, application or information security function that has impact across multiple lines of business
Ability to effectively influence and interact with all levels of an organization
Proven experience in identifying and resolving customer and production issues
Apply for the Job