Operational Risk Manager 5 - EIT Regulatory Compliance Management

Job Description

It starts with you. Our goal is to attract, develop, retain and motivate the most talented people - those who care and who work together as partners across business units and functions. We value and promote diversity and inclusion in every aspect of our business and at every level of our organization.

Technology at Wells Fargo is at the heart of what enables us to satisfy our customers’ financial needs and help them succeed financially. The Enterprise Information Technology (EIT) team leads technology for one of the highest market cap financial services institutions in the world, helping 76.6 million customers conduct an average of 95 million transactions each day, helping more end-customers every day – both in the United States and across the globe – than any other division in our company.

The EIT team helps customers directly every time they do business with the company, delivering a true One Wells Fargo experience and ensuring their security, regardless of channel. EIT also helps customers by remaining trusted partners working with all lines of business to develop and deliver value-added products and services. To do this, EIT draws on the talents and motivation of thousands of technology team members across the enterprise. Altogether, EIT manages world-wide technology for more than 8,700 stores and 12,500 ATMs – larger than Starbucks and The Gap combined.

The Operational Risk Manager 5 - EIT Regulatory Compliance Management will have accountability for regulatory compliance management and oversight within the EIT business group as First Line of Defense (FLOD). Our environment continues to be one of heightened standards, raised risk consciousness, and regulatory requirements. The model through which we deliver risk programs and oversight is changing. This role is created in alignment with the new comprehensive First Line of Defense risk structure for Enterprise Information Technology. As the first line of defense, this role provides policy management direction and adherence oversight to the EIT group, consistent with the Wells Fargo Vision & Values and risk appetite.

The EIT Regulatory Compliance Operational Risk Manager will lead the planning and execution of critical FLOD risk functions for policy development, management, and oversight, in alignment with the Corporate Risk Model and EIT Risk Target Operating Model.

Accountabilities of the EIT Regulatory Compliance Operational Risk Manager will include:


  • Ensure strategic EIT Regulatory Compliance direction is set and ensure executive stakeholder buy-in is achieved via effective partnership within Corporate Risk, Business, Technology, Enterprise Information Security, EIT Technology Risk Oversight, and Wells Fargo Audit Services.
  • Ensure EIT Regulatory Compliance management team is provided with the appropriate guidance and ensure activities are executed consistently in line with the expectation of the Technology Risk Management Framework, Technology Risk Management Policy, Corporate Risk Frameworks, and their related policies.
  • Ensure regulatory compliance risks are appropriately identified, assessed, and managed in accordance with Technology, Corporate Risk, Senior Management, and Board risk appetite.

Identify and Assess:

  • Ensure a comprehensive set of domestic and international applicable laws, regulations, and rules impacting technology are inventoried, reviewed, and maintained in support of Enterprise Information Technology, and that regulatory compliance processes are able to evidence enterprise regulatory compliance objectives, risk appetite, and strong governance.
  • Ensure all regulatory compliance management activities are thoroughly executed with applicability established, major requirements reviewed, compliance action plans risk assessed, mitigated, and appropriately reported via executive monthly reporting and governance routines in support of leadership awareness and risk accountabilities.
  • Ensure EIT regulatory compliance baselines are established and routinely assessed in support of EIT risk profile. Ensure adherence baselines that are not fully compliant with regulatory compliance objectives and risk appetite have action plans to improve compliance and reduce risk.

Control & Mitigate:

  • Ensure all EIT major compliance requirement reviews have detailed action plans that are routinely monitored, reported, and validated to ensure risk is properly mitigated.

Monitor & Report:

  • Ensure Regulatory Compliance Key Process Indicators (KPI) and Key Risk Indicators (KRI) are established and reported. Proactively monitor KPIs/KRIs to ensure upper and lower KPR boundaries are not breached, or take immediate action to report risk to the appropriate operational risk committee and resolve it.
  • Ensure all EIT Regulatory Compliance activities produce informative and actionable operational and executive level reporting. Integrate continuous improvement with metrics and monitoring.

Required Qualifications

  • 10+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both; or 10+ years of IT systems security, business process management or financial services industry experience, of which 6+ years must include direct experience in compliance, operational risk management, or a combination of both
  • 7+ years of management experience

Desired Qualifications

  • Advanced Microsoft Office skills
  • Excellent verbal, written, and interpersonal communication skills
  • Strong analytical skills with high attention to detail and accuracy
  • Ability to articulate complex concepts in a clear manner

Other Desired Qualifications

  • 10+ years of regulatory compliance management operational risk experience within an IT Financial Services environment with an emphasis on regulatory review, regulatory compliance governance, compliance risk management, compliance baseline management, and aggregate risk profiling, KPI and KPI development. Demonstrated knowledge of top domestic and international laws, regulations, rules: FFIEC, GLBA, BASEL II, EU Directive, FEDERAL Act on Data Protection, Ireland Consolidated Data Protection Acts etc.
  • 10+ years demonstrated leadership skills and strategic ability to establish, execute, and mature technology risk management programs and risk culture within a dynamic and complex technology environment
  • Experience managing information technology oversight programs, governance committees, and transformation initiatives within an IT financial services environment
  • Broad and significant knowledge of technology and the associated challenges, risks, and required controls inherent in a complex federated environment, including knowledge of SDLC, Architecture, Cloud, Datacenter, Vendor and third-party, BCP, PMO, change management, problem and incident management, SOX and other regulatory (ADA, SWAP Dealer), Access management, asset management, Compliance, IS, audit
  • Demonstrated knowledge of Technology and Security risk framework – COBIT, FFIEC, NIST, ITIL, COSO, and OCC Heightened Standards
  • Proven prior experience in comprehensive risk ownership and accountability for the risk profile positioning
  • Track record of providing constructive challenge with appropriate issue escalation and offering solutions
  • Strong ability and experience working with and collaborating with leaders and team members at all levels and across functional lines
  • Demonstrated ability to effectively drive and lead organizational change
  • Demonstrated ability to manage in a matrix environment both domestically and internationally
  • Comprehensive knowledge and understanding of strategic elements of financial, operational, technical, and regulatory environments across a complex global services environment
  • Ability to fluently articulate business strategy and operations; translating organizational strategies into clear objectives and business action
  • Demonstrated experience in building, leading, developing, and retaining a team of managers, strong technical experts, and high performing professionals in geographically dispersed environments
  • Professional certifications such as CPA, CSCP, CRCM, CGEIT, CRISC, CITP, CISA, CISSP

    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

    Relevant military experience is considered for veterans and transitioning service men and women.

    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.