Lead Control Management Officer-Information Security

About This Role

Wells Fargo is seeking a Lead Control Management Officer

In This Role, You Will

• Lead complex initiatives designed to mitigate current and emerging risks with broad impact
• Act as key participant in monitoring, evaluating, and measuring the impact of decisions practiced in Control Management functional area
• Monitor moderately complex business specific programs, and provide risk management consulting to support the business in designing and implementing risk-mitigation strategies
• Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area
• Develop and implement risk monitoring and risk reporting processes and controls
• Collaborate with relevant business group to identify current and emerging risks associated with business activities and operations, and provide guidance in developing and implementing risk-mitigating strategies
• Lead Control Management project or virtual teams
  
  

Required Qualifications:

• 5+ years of Risk Management or Control Management experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  
  

Desired Qualifications:

• Partner with Cybersecurity to identify current and emerging risks across business operations and provide strategic guidance for risk-mitigation initiatives.
• Ensure the technology environment leverages appropriate tools, processes, and expertise to effectively manage cybersecurity and technology risks.
• Drive consistent execution of the Risk Management Framework to strengthen Front-Line risk ownership, coordinating issue analysis, thematic reviews, control evaluations, and remediation across functions.
• Assess technology and cybersecurity risks using frameworks such as RCSA and other industry standards.
• Collaborate with Cybersecurity leadership to oversee the full lifecycle of risks, from identification through remediation and closure.
• Perform Test of Design (TOD) and Test of Performance (TOP) to validate control design and operating effectiveness.
• Review and challenge mitigation and remediation plans, advising on effectiveness and alternative strategies.
• Foster collaboration across First, Second, and Third Lines of Defense, as well as Cybersecurity teams, to ensure integrated risk management.
• Provide credible challenge on processes, systems, and decisions to optimize business outcomes and strengthen risk posture.
• Deliver high-quality risk management outputs and insights to senior Technology leaders through a matrixed engagement model.
• Evaluate new products, solutions, and projects to assess control adequacy and associated risks.
• Manage the portfolio of issues, policy exceptions, and risk acceptances, including third-party risk, ensuring timely and effective mitigation.
• Conduct gap analyses against policies and regulatory requirements to identify compliance risks.
• Perform root cause analysis on technology incidents to uncover control weaknesses and define corrective actions.
• Produce actionable risk reports and dashboards for Cybersecurity leadership and governance forums.
• Lead complex, enterprise-wide initiatives to address current and emerging technology risks.
• Monitor, evaluate, and measure the impact of decisions within the Control Management function to ensure continuous improvement.
• Design and implement robust risk monitoring and reporting processes to enhance transparency and accountability.
  
  

Job Expectations:

• Extensive experience in Information Security, Cloud Security, and leading control frameworks, including NIST Cybersecurity Framework & 800-53, CIS Top 20 Controls, FFIEC IT Handbooks, COBIT, FedRAMP, ISO 2700x, and ITIL.
• Advanced certifications highly valued: CISA, CRISC, CISSP, CCSP, CCAK, CEH, and ISACA credentials such as CSX Nexus Cybersecurity and Cybersecurity Audit Certificates.
• Proven expertise in Issue Management, Audit Management, and Control Design & Governance.
• Strong background in Process Modeling, Process Design, and Risk Control Frameworks.
• Hands-on experience in Infrastructure Security, Data Protection, and Data Analytics for risk insights and decision-making.
• Industry experience within financial institutions or Big Four/accounting firms, ensuring familiarity with regulatory and compliance requirements.
• Exceptional verbal, written, and interpersonal communication skills for stakeholder engagement and reporting.
• Demonstrated ability to lead audit projects, provide constructive feedback, and mentor teams.
• Deep understanding of Technology Risk Management, including policies, standards, and regulatory frameworks.
• Previous leadership experience with a track record of driving risk governance and control assurance initiatives.
  
  

Posting End Date:

17 May 2026

• Job posting may come down early due to volume of applicants.
  
  

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants With Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment And Hiring Requirements

• Third-Party recordings are prohibited unless authorized by Wells Fargo.
• Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.
  
  

Reference Number

R-523264