5 days old

Info Security Manager 3 - Policy Violation Manager

San Francisco, CA
  • Job Code
Job Description

At Wells Fargo, we have one goal: to satisfy our customers financial needs and help them achieve their dreams. Were looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where youll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Corporate Risk helps all Wells Fargo businesses identify and manage risk.We focus on three key risk areas: credit risk, operational risk and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.

Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

Note: Charlotte, NC or Chandler, AZ is the preferred work location but will consider other core Wells Fargo locations and telecommute

The Policy Violations Manager will develop, maintain and executes all components of the Wells Fargo information Security Policy Violation framework. This role requires experience with the policy framework identified in NIST 800-53. General duties include establishing a consistent process by which enterprise policy violations will be defined, identify minimum criteria, remediation steps and documentation for tracking/reporting of policy violations. This role will work with Cyber Crimes Forensics and Investigation Team (CCFIT) to address criminal violations. This role involves collaboration with a variety of business and Enterprise Information Security (EIS) teams, including the Hygiene, HR, DLP, and Operational Risk Management. Will work with the Hygiene team in the development, tuning and implementation of security alert monitoring. He or she must have knowledge of data protection, privacy regulations, data governance and risk strategies. The position involves regular interactions with executive leadership and business-aligned security leaders. Formalized reporting and metrics will be required to be provided periodically. Coordinate with various security teams, as well as operations teams, to provide visibility into security posture of Wells Fargo. This position reports directly to the manager of the Cyber Threat Fusion Center (CTFC).

Key Job Responsibilities may include:

  • Development of dashboards to enhance the ability to address and track actions taken.
  • Knowledge of risk management, effective information strategies, practices, technologies, and control frameworks.
  • Collaborate with Awareness and Training teams on a consequence model for addressing information security policy violators.
  • Coordinate with Architecture, Engineering, and Enterprise Information Security (EIS) teams to assess technology impact on IS standards/processes.
  • Foundational understanding and experience with enterprise standards to address IT/IS policy violations across large enterprise networks.
  • Security Information and Event Management (SIEM/SIM/SEM) experience.

Required Qualifications

  • 9+ years of experience in one or a combination of the following: information security, IT systems security or technology experience including 3+ years direct experience in information security
  • 3+ years of management experience, in an Information Security or IT environment
  • 3 + years of digital forensics, security analytics experience, or a combination of both, including incident response
  • 2+ years of policy and strategy development experience

Desired Qualifications

  • 3+ years of experience managing large information security functions
  • Experience managing a technology infrastructure function, application or information security function that has impact across the enterprise
  • Excellent verbal, written, and interpersonal communication skills
  • Ability to effectively influence and interact with all levels of an organization
  • Ability to organize and manage multiple priorities
  • Outstanding problem solving skills
  • Ability to think creatively to find innovative solutions to complex analytical questions
  • Ability to articulate issues, risks, and proposed solutions to various levels of staff and management
  • Solid conflict management and decision making skills
  • 4+ years of information security experience including experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
  • Strong customer relationship management skills
  • Ability to negotiate and facilitate issue resolution
  • Ability to handle confidential material in a professional manner
  • Knowledge and understanding of network topologies and protocols for solutions spanning multiple business functions and geographic locations
  • Knowledge and understanding of network security and network protocols

Other Desired Qualifications
  • Advanced Information Security technical skills and understanding of information security practices and policies
  • Ability to manage complex issues and develop solutions
  • Strong knowledge of Secure SDLC and integration of vulnerability scanning with Secure SDLC framework


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.



  • Management
  • Security / Protective Services
  • Engineering

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Info Security Manager 3 - Policy Violation Manager

Wells Fargo
San Francisco, CA

Share this job

Info Security Manager 3 - Policy Violation Manager

Wells Fargo
San Francisco, CA

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast