Senior Information Security Analyst
1 week ago
Wells Fargo is seeking an Analyst in the area of Information and Cyber Security for the Technology Third Governance function. The role activities includes Identifying, Analyzing and responding to Incidents related to third party service providers
In this role, you will:
- Provide information security consultation to improve awareness and compliance with Enterprise Information Security policy, processes and standards
- Perform remediation of security assessment review issues, complex ad hoc data, and reporting to support information security risk management
- Provide guidance and direction in reviewing assessment findings and mitigating controls to optimize information security
- Identify and direct information asset portfolio reconciliations and certifications
- Provide advanced data aggregation and data of information security risk exposure
- Develop and deliver Information Security Education Awareness and Training in accordance with the Enterprise Information Security Program standards
- Review draft and proposed control standards for business impact and recommend modifications or clarifications as required
- Conduct security control testing and consultation with stakeholders
- Evaluate and interpret internal and Enterprise Information Security policies, processes and standards, and provide recommendations to improve them
- Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
- Interact with internal customers
- Serve as a mentor to less experienced staff
- 4+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
- 8+ years of experience working in Information Security
- 6+ Years of experience in Incident management/Third Party Risk Management / Third Party Information Security risk assessments or Cyber Risk Assessments including Vulnerability Assessments. Bachelor or Masters degree in IT (Computer Science)/ Engineering or respective knowledge through experience.
- Extensive experience within an enterprise scale organization including hands on experience in Information Security Risk analysis
- Experience in communicating technical issues to diverse audience.
- Good Knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques, and procedures.
- Industry recognized Certifications in Cybersecurity like COMPTIA+, CISSP or other specialized security certifications would be added advantage.
- Demonstrate broad security knowledge across common industry security policy bodies. These may include ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others
- Excellent writing and verbal communication skills, interpersonal and presentation skills, and the proven ability to influence and communicate effectively.
- Demonstrated experience in stakeholder management
- Demonstrated experience of conflict resolution, negotiation and problem identification and solving skills.
- Demonstrated experience in managing complex projects related to information security.
- Comfortable with making and presenting recommendations to a wide audience of stakeholders.
- Lead the continued evolution of Third-Party Incident management and rapid response capabilities and processes.
- Record, monitor, report, escalate and track remediation of Incidents and drive them towards closure.
- Assess third party service provider information security risk in IT infrastructures, applications, and information security programs of varying sizes and complexities.
- Monitor and analyze Bit Sight alerts, identify third party information security risks and notify appropriate parties of the risk.
- Review/analyze third party attestation and certification artifacts (SOC2, SIG, PCI DSS..etc) shared by third parties to identify the information security risks
- Work with cross-functional teams in managing Incidents to ensure that IT systems are operating as designed and that they contain adequate controls.
- Analyze the program results (Findings and Assessment ratings) data on ad hoc basis and provide recommendations to improve the process
- Analyze the data related to information security findings and present meaningful views to relevant stakeholders on the trends and patterns of control gaps.
- Responsible for attending and leading calls with Cyber security teams and other key stakeholders to assess the incident.
- Responsible for participating in requirements gathering, UAT for any new tools/Applications used by the team
- Advises IT and business executives on the status of Cyber Security Incidents and compliance issues based on assessment results and information from various discovery sources, monitoring, and control systems.
- Manage the remediation of gaps through oversight, follow-up and escalation and validate the remediation performed to ensure the gaps are closed.
- Provide subject matter expertise in the Third-Party Incidents Management program and provide timely solutions to identified problems
- Develop Operational metrics reports on a weekly/monthly frequency.
- Evaluate the existing process and generate ideas to enhance effectiveness and efficiency of the process
- Analyze the data related to incident findings and present meaningful views to relevant stakeholders on the trends and patterns of control gaps.
23 Jun 2024
*Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
-
Senior Information Security Analyst
2 months ago
bangalore, India Eurofins Full timeJob Description POSITION TITLE (ENGLISH): Senior Information Security Analyst REPORTING TO: Manager WORKING LOCATION: Bangalore We are looking for a delivery focused Information Security Consultant to continuously improve the design of our antivirus and endpoint protection, detection & response environments, and related...
-
Senior Information Security Analyst
3 weeks ago
bangalore, India Eurofins Full timeJob Description POSITION TITLE (ENGLISH): Senior Information Security Analyst REPORTING TO: Manager WORKING LOCATION: Bangalore We are looking for a delivery focused Information Security Consultant to continuously improve the design of our antivirus and endpoint protection, detection & response environments, and related...
-
Information Security Analyst
2 months ago
bangalore, India Amadeus Full timeJob Title Information Security AnalystThe Junior Communication Analyst will fulfill the following tasks: Communication Campaigns Develop and maintain our community on the intranet. Connect and engage with our colleagues globally on our internal social network (Viva Engage) through compelling posts and infographics. Create and manage a metrics framework to...
-
Senior Information Security Analyst
2 months ago
bangalore, India Infoblox Full timeDescription It’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences...
-
Senior Information Security Analyst
3 weeks ago
bangalore, India Infoblox Full timeDescription It’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences...
-
Senior Information Security Analyst
3 weeks ago
bangalore, India Infoblox Full timeIt’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc . magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently...
-
Senior Information Security Analyst
2 months ago
bangalore, India Infoblox Full timeIt’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc . magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently...
-
Information Security Analyst
1 month ago
bangalore, India Koch Global Services Full timeYour Job Cyber Security - Information Security analysts are ultimately responsible for ensuring that the company's digital assets are protected from unauthorized access.This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches...
-
Information Security Analyst
1 week ago
bangalore, India Koch Global Services Full timeYour Job Cyber Security - Information Security analysts are ultimately responsible for ensuring that the company's digital assets are protected from unauthorized access.This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches...
-
Information Security Analyst
3 weeks ago
bangalore, India ResMed Full timeThe Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer oriented agile delivery, effective business partnership and state-of-the-art technology solutions. ...
-
Senior Information Security/Quality
3 weeks ago
Bangalore, India HeadPro Consulting LLP Full timeJob Title : Senior InfoSec Quality & Compliance Analyst Location : BangaloreExperience : 3 - 7 YearsBudget : 17 - 22 LPAMandatory skills :1. Require someone who have good experience in Third Party Risk management2. Need someone who have good knowledge with Cloud infrastructure & general IT Clouds is Preferred 3. Candidate having good Knowledge on One Trust...
-
Senior Information Security/Quality
2 months ago
bangalore, India HeadPro Consulting LLP Full timeJob Title : Senior InfoSec Quality & Compliance Analyst Location : BangaloreExperience : 3 - 7 YearsBudget : 17 - 22 LPAMandatory skills :1. Require someone who have good experience in Third Party Risk management2. Need someone who have good knowledge with Cloud infrastructure & general IT Clouds is Preferred 3. Candidate having good Knowledge on One Trust...
-
Senior Information Security/Quality
2 months ago
Bangalore, India HeadPro Consulting LLP Full timeJob Title : Senior InfoSec Quality & Compliance Analyst Location : BangaloreExperience : 3 - 7 YearsBudget : 17 - 22 LPAMandatory skills :1. Require someone who have good experience in Third Party Risk management2. Need someone who have good knowledge with Cloud infrastructure & general IT Clouds is Preferred 3. Candidate having good Knowledge on One Trust...
-
Senior Information Security/Quality
21 hours ago
bangalore, India HeadPro Consulting LLP Full timeJob Title : Senior InfoSec Quality & Compliance Analyst Location : BangaloreExperience : 3 - 7 YearsBudget : 17 - 22 LPAMandatory skills :1. Require someone who have good experience in Third Party Risk management2. Need someone who have good knowledge with Cloud infrastructure & general IT Clouds is Preferred 3. Candidate having good Knowledge on One Trust...
-
Information Security Analyst III
3 weeks ago
bangalore, India Netskope Full timeAbout Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have...
-
Information Security Analyst III
1 month ago
bangalore, India Netskope Full timeAbout Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have...
-
Information Security Analyst III
5 days ago
bangalore, India Netskope Full timeAbout Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have...
-
Information Security Analyst
2 months ago
bangalore, India Decision Foundry Full timeWelcome to Decision Foundry! We are both a high growth startup and one of the longest tenured Salesforce Marketing Cloud Implementation Partners in the ecosystem. Forged from a 19-year-old web analytics company, Decision Foundry is the leader in Salesforce intelligence solutions. We win as an organization through our core tenets. They include: One Team....
-
Information Security Analyst
3 weeks ago
bangalore, India Decision Foundry Full timeWelcome to Decision Foundry! We are both a high growth startup and one of the longest tenured Salesforce Marketing Cloud Implementation Partners in the ecosystem. Forged from a 19-year-old web analytics company, Decision Foundry is the leader in Salesforce intelligence solutions. We win as an organization through our core tenets. They include: One Team....
-
Information Security Analyst
21 hours ago
bangalore, India Eurofins Full timeJob Description POSITION TITLE (ENGLISH): Information Security Analyst (L1 SOC) REPORTING TO: Manager REPORTING LOCATION: Bangalore POSITION & OBJECTIVES : Eurofins is ramping up the Security Operations Center and has a need to extend the L1 incident response team. The person working in L1 SOC team operates the security...
