About this role:

The Enterprise Data Loss Prevention (EDLP) Innovation team Lead Information Security Analyst is a key role supporting our mission to prevent inappropriate external sharing and distribution of sensitive company, customer and employee information.  Responsibilities include, but aren't limited to:

- Designing, implementing and tuning rules and techniques to prevent risky user behaviors in partnership with security, investigative partners, business groups and other stakeholders.

- Lead and support enterprise transition to next-generation cloud-based DLP solutions.
- Lead and support ongoing rule/technique change management and associated controls execution.
- Assist with inquiries from risk partners, Internal Audit and regulatory bodies on EDLP controls and procedures.

In this role, you will:

• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Influence stakeholders on net new or on material changes to an asset to influence control decisions
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Act as more experienced lead to the organization to develop security risk awareness and mitigating actions
• Consult the organization on complex security issues and findings
• Manage the most complex and critical information assets
• Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security
• Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals
• Lead projects and teams
• Coordinate with vendor manager on third party assets to manage information security risks
• Serve as a mentor to less experienced staff

Required Qualifications, US:

• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• 3+ years of Data Loss Prevention policy design and implementation experience including exact data matching, regular expressions and other techniques to reduce false positives.
• 2+ years of experience working with Cloud DLP solutions such as CASB, cloud-native DLP and/or security policies, etc.
• 2+ years of Information Security Governance, Risk and Change Management (GRC) experience.
• CISSP, CCSP or other applicable InfoSec qualifications

Job Expectations:

• Ability to work weekends and holidays as needed

Locations:

• Boston, MA
• Chandler, AZ
• Chicago, IL
• Concord, CA
• Irving, TX
• Minneapolis, MN
• New York, NY
• Philadelphia, PA
• Charlotte, NC
• Raleigh, NC
• Saint Louis, MO
• Des Moines, IA

This position is not eligible for visa sponsorship

Pay Range

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.