Responsible for developing and maintaining the technical IT / cyber security capabilities necessary for safeguarding the firm's information systems and applications (software development lifecycle), including every phase of the SDLC and software stack. Design, plan, test and implement phases of cybersecurity technology projects.

Telecommuting/Remote workstyle may be considered for well-qualified individuals located outside of the Truist footprint. Teammate will work hours supporting Eastern Standard Time

• Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing.
• Lead efforts related to designing, planning, enhancing, and testing all cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
• Analyze information to determine, recommend, and plan the use of new information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources.
• Lead the implementation of new information security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff.
• Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions.
• Responsible for technical support of information security technologies providing expert problem analysis and resolution in a timely manner.
• Leads teams or projects with moderate resource requirements, risk, and complexity.

Required Qualifications:

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security.
• Previous experience in leading complex IT projects.

Preferred Qualifications:

• Banking or financial services experience.
• 3 - 5 years experience in the following: Scripting languages: Powershell, Python, or Javascript; DevOps Tools: Git, Gitlab, Azure DevOps.
• 3 - 5 years experience Data Analysis, Data Aggregation, and Data Visualization using any of the following: Database Platforms (MS SQL, Oracle, DB2, Netezza, SAP HANA, Postgres).
• 3 - 5 years experience in administration of any combination of the following systems: Windows Servers/Workstation, Linux/Unix Servers Workstations, Active Directory Administration, Entra ID Administration, Network Security Administration Experience with switches/firewalls/IPS/IDS.
• CISSP Certification.
• 2 - 4 years of Project Management or leading Projects.
• 1 - 2 years experience with a Privileged Access Management Solution (i.e., CyberArk, BeyondTrust, Delinea, etc.).

Telecommuting/Remote workstyle may be considered for well-qualified individuals located outside of the Truist footprint. Teammate will work hours supporting Eastern Standard Time

Other Job Requirements / Working Conditions

Sitting

Constantly (More than 50% of the time)

Visual / Audio / Speaking

Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding

Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

Availability

Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Travel

Minimal and up to 10%

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law [Pay Transparency Nondiscrimination Provision](https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_ English_formattedESQA508c.pdf) E-Verify

Role Summary

A role that is responsible for leading portions of the identity management and access control functions as described by industry best practices such as NIST and FFIEC. This will include a subset of the following sub-functions: a) request b) provisioning c) deprovisioning d) normal access e) privileged access f) attestations g) identity governance administration h) identify management platforms i) production support j) authentication k) authorization and l) cloud.

Company Overview

NA

• Align with IAM-wide priorities that define ‘our what’ that may change based on business need
• Consistently align with Truist Vision, Mission and Values and demonstrate ‘our how’ IAM works:
• Accountability: set expectations, hold teams accountable, check-in and provide feedback
• Remove ‘IAM Blinders’: take a Truist-wide approach to owning and resolving challenges
• Strengthen Team: coach-up, performance manage, develop, and reward top performers/visibility
• Management System: establish and cascade a predictable schedule for team engagement
• Continuous Improvement: consistently seeking ways to get better
• Manage a team of 5 to 10 direct report teammates and contract workers who oversee defined structured process tasks; may have oversight for complex, unstructured processes.
• Perform hiring, coaching, terminations, disciplinary action, and performance reviews to enable and maintain the strategy.
• Oversee strategic and operational plans in support of business objectives; develop cross-departmental business cases to solve problems by making technical and financial tradeoffs.
• Apply a balance of 40% technical and 60% functional knowledge to deliver quality results.
• Design and implement the identity management and access control strategy on time and within budget:
• Formal Services Level Agreements (SLAs)
• Workforce strategy blend of ~30% onshore and ~70% offshore that is comprised of ~30% teammate, ~60% vendor managed service, and ~10% time and material contract workers
• Improve the user experience and reduce the turnover of critical resources
• Proactively engage with stakeholders to make them aware and willing to adopt our solutions, which includes managing up, out, and down to avoid surprises and position our solutions to be successful.

Required Qualifications:

• Bachelor’s degree or equivalent
• 15 years’ technical experience working in the identity and access management control function
• 10 years’ experience as a manager
• 10 years’ experience in operational planning and execution
• 10 years managing simple and structured work
• 10 years managing complex and unstructured work
• 10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services
• 5 years’ experience and expert-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
• 10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
• 10 years’ experience and intermediate-level strength in soft skills and interpersonal communications
• 10 years’ technical experience working for a top 10 US bank
• 10 years’ experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors
• 10 years’ experience collaborating with the following peer functions in corporate cyber security
• 10 years’ experience managing the remediation of regulatory matters and internal findings
• 10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)

Preferred Qualifications:

• Master’s degree
• Understand multiple approaches to designing IAM technical solutions
• Experience in waterfall and agile project management methodologies
• Experience managing contracts for IAM managed service providers
• CISSP Certification

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law, [Pay Transparency Nondiscrimination Provision](https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_ English_formattedESQA508c.pdf), and E-Verify.

About this role:

Wells Fargo is seeking a Lead Information Security Analyst in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com.

Be a lead team member of the IAM Operations Access Review/Certifications team responsible for supporting and maintaining compliance of enterprise certification solutions and controls.

• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Engage with technology teams, risk and LOB contacts to consult and advise on enterprise certification controls and tools.
• Perform evidence gathering and audit walk-throughs for audit engagements.
• Educate and support certifying managers on certification execution and accountability. Ensure timely completion of certifications.
• Perform compliance and oversight activities to support certification controls.
• Maintain an awareness of bank security policies and government regulations pertaining to information security
• Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
• Interact with internal customers

Required Qualifications:

• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of identity and access management experience in one or more of the following: provisioning, de-provisioning, certification, authorization or authentication

Desired Qualifications:

• Knowledge and understanding of business requirements. Ability to gather and translate to technical requirements
• Ability to work effectively and independently in a remote team environment
• Ability to prioritize work, meet deadlines, and achieve deliverables
• Strong organizational, multi-tasking, and prioritizing skills
• Customer service focus with the ability to respond to requests in a timely manner
• Ability to present complex material in a digestible, consumable manner to all levels of management
• Experience working in a large enterprise environment
• Strong analytical skills with high attention to detail and accuracy
• Intermediate Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills
• Knowledge and understanding of information security industry standards and government regulations
• Ability to take an active role in the education, mentoring, and training of less experienced team members
• Knowledge and understanding of agile methodologies and processes
• Excellent verbal, written, and interpersonal communication skills
• Knowledge and understanding of information technology governance risk and compliance processes such as; policies, control standards, risk management concepts, or information security
• Experience working in or implementing an Identity and Access Management (IAM) product or tool
• Experience and understanding of application security architecture
• Knowledge of Service Now

Posting End Date: 17 Nov 2024

Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.