IT Audit Manager - Information Security Audit Team in Denver, Colorado | DiversityInc Careers
This job has expired and you can't apply for it anymore. Start a new search.

IT Audit Manager - Information Security Audit Team

Job Description

At Wells Fargo, we have one goal: to satisfy our customers’ financial needs and help them achieve their dreams. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Audit Services conducts audits and reports the results of our work to the Audit & Examinations Committee of the Board of Directors. We provide independent, objective assurance and consulting services delivered through a highly competent and diverse team. As a business partner, Audit helps the Company accomplish its objectives by bringing a systematic disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

The Enterprise Technology Audit Group focuses on conducting and coordinating audits of information technology throughout Wells Fargo, including audits of the Enterprise Information Technology Group, the group responsible for providing most of Wells Fargo’s core technology and support for line of business processes and products.  The team also covers audits of the Enterprise Information Security group that provides products and services to equip Wells Fargo team members with the tools, knowledge and expert resources to protect Wells Fargo’s infrastructure, corporate data, and sensitive customer information.

The Information Security Audit teams performs audits of the Wells Fargo cyber defense monitoring, information security engineering, network engineering functions, third party information security and access management.  In addition, the team also covers information security governance and risk management.  As an Audit Manager on the Information Security Audit team you will play an important and dynamic role in building high-performing teams, connecting with our business partners and regulators, and executing the audit plan. You will monitor the business to identify key emerging risks, and will also support team member development and engagement. 

At present the team is looking for three audit managers for three distinct areas of focus.  The first is focused on leading audit projects in the cyber defense, information security engineering and network functions.  The second position in the Identity & Access Management and Third Party Information Security Risk space.  The primary focus of the third position is the periodic performance of a NIST based cybersecurity assessment and other cybersecurity continuous monitoring activities.   The general job responsibilities for these positions include the following:

  • Supervise execution of multiple concurrent technology audits primarily in accordance with rigorous policy and work paper standards and within tight time frames.  May also participate in audits to provide subject matter knowledge/skills and/or to design and conduct tests of internal controls.
  • Assess key risks and controls; and design innovative and appropriate broad based coverage across a technology, exhibiting exceptional judgment regarding issue identification, issuing draft findings to business partner management, and drafting and issuing final audit reports with limited guidance.
  • Often leads multiple concurrent projects that are generally moderate to large in size and moderate to high in complexity; develops and applies leadership and project management skills.
  • Develops valuable and trusting relationships with Wells Fargo business partners.
  • Demonstrates subject matter knowledge in critical areas of technology and information security identifies and assesses key risks and controls, and develops effective test plans for engagements as assigned with limited guidance.
  • Demonstrates professional skepticism; presents audit results in an objective and unbiased manner, writes opinions that lead to logical conclusions, and escalates significant risks and loss exposures timely to appropriate levels of management.
  • As a manager with 0 to 3 direct reports, is recognized as a team leader and expert at organizing and leading teams/projects; helps recruit/hire, on-board, and train team members; and provides career and performance coaching and performance feedback to team members.
  • Helps Senior Audit Manager develop and manage the audit plan, schedule resources, and other duties as assigned. 
  • Ability to travel as needed up to 20%

Required Qualifications

  • 7+ years of experience in one of the following: audit, technology risk management, information security, IT program management, technology governance, or availability management
  • 2+ years of leadership experience

Desired Qualifications

  • Audit experience at a large financial institution or auditing company.
  • A BS/BA degree or higher in accounting, finance, or business administration
  • Certification in one or more of the following: CPA, CAMS, CRCM, CIA, CISA or Commissioned Bank Examiner designation
  • Risk or compliance experience
  • Leadership experience for professional auditors, risk management, or project leadership professionals
  • Solid knowledge and understanding of audit methodologies and tools that support audit processes
  • Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
  • Outstanding problem solving and analytical skills with ability to turn findings into strategic imperatives
  • Ability to communicate effectively, in both written and verbal formats, with senior executive-level leaders

Other Desired Qualifications
  • At least 5 years of experience in IT Audit, Information Security, or Information Risk Management with at least 3 years of relevant experience in one or more of the following areas: information security management, cybersecurity, security analysis and risk assessments, network and/or server security, network architecture, IT infrastructure management.
  • Experience analyzing and prioritizing threats and vulnerabilities; developing and implementing information security/technology policies, standards, procedures, and guidelines to prevent unauthorized use, release, modification, or destruction of data; and/or conducting information technology architecture reviews and risk assessments.
  • High –energy self-starter who thrives in large, complex environments and challenging situations; must have the ability to adapt to change quickly and adjust work in a positive, professional manner;  ability to work in a dynamic environment with multiple time constraints.
  • Knowledge of information security management frameworks (e.g. COBIT, ITIL, NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls).



All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.