11 days old
2018-01-102018-02-16

Technology Relationship Manager 2 - Security Code Review Strategic Initiatives

Saint Louis, CA
  • Job Code
    5380493-6
Job Description

ENTERPRISE INFORMATION SECURITY:

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.

Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

Note: This position is open to any core Wells Fargo location or telecommute.

The EIS Security Code Review (SCR) team provides application vulnerability and risk identification for many of the critical applications used by Wells Fargo, from an automated and manual static analysis (code level) perspective. In an enhancement to risk management, SCR is extending its core team capabilities in vulnerability and risk identification to additionally include validation review that supports the drive for near-term risk reduction in cyber remediation efforts.

The team is comprised of five main areas:

  • Infrastructure, Technology & Reporting that is responsible for maintaining the back-end core of our code review processes.
  • Triage that is responsible for automated review testing of all applications in the SCR portfolio.
  • Security Code Review where a specialized team of engineers perform manual static analysis for code level security issues.
  • Security Validation Review, which is a new area aligned to manual validation of remediated code-level issues.
  • Integrated Risk Management, which is a self-supporting governance, risk and compliance unit within SCR that strives to maintain continual advancement in our teams secure operational effectiveness.

The Technology Relationship Manager (TRM) role is a newly formed position on the Security Code Review team, working to optimize the progression of SCRs dynamic growth through oversight and/or direction of strategic improvement and advancement initiatives. As we accelerate critical SCR technology to support upcoming growth objectives, implement a new team capability with a need for operational maturity built in at the forefront, expand code review capabilities into new territory, and continue to build integration points within Cyber Threat Management to enhance proficiency in threat detection, the TRM will partner with accountable initiative leaders and team members as well as SCR enterprise partners to ensure our strategic efforts are collaborative, coordinated, and align to One Wells Fargo principles. This is an exciting opportunity to be part of a growing team of niche, high performance security talent.

While working to your strengths aligned to your own unique technology, relationship management and security background, you will have supported opportunity to learn new technologies and gain new skills. In fact, professional development is one of the core work objectives for each SCR team member, where enhancing current and building new capabilities are favorable traits and encouraged.

This position will report directly to the Security Code Review Leader situated within Cyber Threat Management (CTM), and will be working with a high performance team focused on driving success of manual and automated security review capabilities within the SCR Team that operates as part of CTM within EIS CSD&M. This is an exciting opportunity as Wells Fargo continues to improve and expand our core capabilities in application vulnerability detection, risk identification, remediation validation and reporting.

This position will work with a team inclusive of US and India based team members spread across several locations. Works with and influences information security and line of business management to identify, formulate and implement strategic SCR solutions in support of diverse application technologies. The TRM may be responsible for complex and innovative solutions that address application security vulnerability detection, validation and reporting as well as leading proof-of-concept initiatives to make decisions on process or technology prototype acceptance and use.

The position will be responsible for establishing/maintaining effective communication and collaboration between many internal and external technology/business units. Maintains an advanced awareness of bank security policies and government regulations pertaining to information security and participates in recommending changes to information security policy, standards and procedures as needed for SCR processes/systems/tools.

Team members are spread across several locations, with the majority of the team working remotely. We focus on hiring the best talent regardless of the location. Your opinions matter to us. We encourage understanding differences in viewpoint and open discussion forums to the opinions of all team members so that we can uniformly make strategic and operational improvements that consider all sides.

If this sounds like a position that interests you, apply today. Wed like to understand your capabilities, background, and opinions on application security and the strategic growth initiatives of our team.



Required Qualifications

  • 5+ years of technology delivery and relationship management experience with a client organization
  • 3+ years of information security experience
  • 1+ years of process improvement experience



Desired Qualifications

  • Relationship management experience delivering technology services between one or more internal technology organizations and medium-sized internal lines of business
  • Excellent verbal, written, and interpersonal communication skills
  • Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
  • Ability to identify key issues, involve affected parties, design solutions, obtain buy-in, and communicate effectively through resolution
  • Ability to prepare and present senior level communications
  • Virtual leadership experience with ability to effectively drive results, provide feedback/direction, and manage and build relationships with leaders and team members in a geographically dispersed team environment
  • Ability to translate and summarize complex data into understandable, actionable information and recommendations
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis



Other Desired Qualifications
  • 1 year of experience with infrastructure planning
  • 3+ years of experience within application security as it relates to development, infrastructure, technology, policy, etc.
  • Advanced Information Security technical skills and understanding of information security practices and policies
  • Understands application security as it relates to development, infrastructure, data classifications, policy, etc.
  • CISSP, CSSLP, GSSP, or comparable security certification
  • Knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
  • Ability to handle multiple complex assignments simultaneously
  • Experience working with technology vendors
  • Ability to stay current with emerging technologies and industry trends
  • Ability to handle difficult situations and to provide alternative solutions or workarounds
  • Flexible and creative in helping to find acceptable solutions




Disclaimer


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.



Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Advertisement

Categories

  • Engineering
  • Government
  • Security / Protective Services
  • Legal

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Technology Relationship Manager 2 - Security Code Review Strategic Initiatives

Wells Fargo
Saint Louis, CA

Share this job

Technology Relationship Manager 2 - Security Code Review Strategic Initiatives

Wells Fargo
Saint Louis, CA
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast