Wells Fargo

Lead Control Management Officer – Platform Assurance

Wells Fargo

full-time

Posted on:

Location Type: Hybrid

Location: CharlotteArizonaMinnesotaUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $100,000 - $196,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud Platform

About the role

  • Lead complex initiatives designed to mitigate current and emerging risks with broad impact
  • Act as key participant in monitoring, evaluating, and measuring the impact of decisions practiced in Control Management functional area
  • Monitor moderately complex business specific programs, and provide risk management consulting to support the business in designing and implementing risk-mitigation strategies
  • Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area
  • Develop and implement risk monitoring and risk reporting processes and controls
  • Collaborate with relevant business group to identify current and emerging risks associated with business activities and operations, and provide guidance in developing and implementing risk-mitigating strategies
  • Lead Control Management project or virtual teams
  • Lead and perform complex platform assurance assessments across IT General Controls (ITGC), platform engineering controls, and supporting technology services.
  • Conduct hand on control testing and evaluation for emerging technology including cloud (Azure, GCP, AWS), private cloud, IAM, CI/CD, data platforms, databases, and container platforms.
  • Identify and assess Consumer/Producer requirements and evaluate their implementation across enabling technologies and system-of-record governance.
  • Analyze evidence, document findings, and assess platform risk posture with clear articulation of control impacts.
  • Identify technology risks related to access, configuration, deployment pipelines, data protection, and operational resilience.
  • Support issue lifecycle activities including root cause analysis, remediation plan review, control design improvement, and evidence validation.
  • Contribute to thematic analysis across assessment outputs, threat modeling, Red Team exercises, and audit reviews.
  • Assist with maintaining and maturing the platform control framework across Cloud, IAM, CI/CD, Data Management, and PAM domains.
  • Support governance routines, audit readiness, regulatory documentation, and senior reporting packages.
  • Maintain high‑quality assessment artifacts, testing documentation, and risk summaries for leadership and committees.
  • Work with platform engineering, cyber security, architecture, and application teams to interpret control requirements and support remediation.
  • Lead and conduct technical walkthroughs, testing plan, evidence reviews, and control discussions across diverse stakeholder groups.
  • Build effective relationships across Technology and Control Management to drive consistent risk management practices.
  • Recommend enhancements to assessment methodology, testing processes, automation, and telemetry‑based monitoring.
  • Stay current on emerging technology trends, cloud control models, and regulatory expectations impacting financial institutions.
  • Contribute to initiatives that improve the control environment, technology risk governance, and overall program maturity.
  • Provide guidance and mentorship to junior assessors and team members.

Requirements

  • 5+ years of Risk Management or Financial Services Industry experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education.
  • 5+ years of Technology Risk, Control Management, Information Security, IT Audit, SOX1 or related experience.
  • 3 + years experience assessing or testing ITGCs, platform controls, cloud technologies, IAM, CI/CD pipelines, or data platforms.
  • Certifications such as Cloud Security Engineer, security Architect, CISSP, CISA, CRISC, or similar.
  • Experience with monitoring tools, configuration management, or automation technologies.
  • Knowledge of encryption standards, data protection, container security, or identity governance frameworks.
  • Strong written and verbal communication skills and the ability to collaborate across diverse partner groups.
  • Ability to manage multiple assessments and deadlines in a matrixed environment.
  • Ability to engage and influence partners across Technology, Cyber Security, Architecture, and Risk.
  • Ability to perform complex assessments and clearly convey control weaknesses and recommendations.
Benefits
  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Risk ManagementControl ManagementIT General Controls (ITGC)Cloud TechnologiesIdentity and Access Management (IAM)CI/CD PipelinesData PlatformsControl TestingRisk AssessmentThreat Modeling
Soft Skills
CommunicationCollaborationMentorshipAnalytical ThinkingProblem SolvingInfluencingProject ManagementStakeholder EngagementDocumentationLeadership
Certifications
Cloud Security EngineerSecurity ArchitectCISSPCISACRISC