Build Your Career in Cybersecurity -
YOUR WAY

Job Description

Wells Fargo is seeking a Lead Technology Business Consultant to serve on our Network Security infrastructure team. Learn more about our career areas and lines of businesses at wellsfargojobs.com.

About this role:

We are seeking a Lead Technology Business Consultant with experience in one or more of the following technical areas: web proxy servers, firewalls, microsegmentation, remote access, zero trust network access, and web application firewalls. In this role, you will own the product vision, roadmap, and investment strategy enabling the timely delivery of our products to our customers. As a Lead Technology Business Consultant, you will also prioritize the backlog and incoming expedited requests by collaborating with your delivery team(s) and the customer.

• Lead complex initiatives to provide technological solutions with broad impact for cross functional businesses and technology teams
• Act as a key participant in providing strategic business solutions to companywide technology initiatives
• Evaluate highly complex business problems and provide subject matter knowledge proficiency for technology initiatives
• Define and lead detailed research on business and technology requests to develop efficient and accurate functional requirements
• Make decisions in highly complex and multifaceted situations requiring solid understanding of domain and technology applications, and which influence companywide technology solutions
• Lead project or systems documentation, and monitor and manage project schedules and deliverables
• Collaborate and consult with business and technology teams to provide comprehensive technological solutions for complex business problems
• Ensure communication and information flow between business and technology teams

Required Qualifications:

• 5+ years of product owner experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 5+ years of experience with Agile practices and frameworks (e.g., Kanban, Scrum, etc.) and workflow and collaboration tools, such as Confluence, Jira and Jira Align
• 3+ years of experience with web proxy servers, firewalls, microsegmentation, remote access, zero trust network access, and web application firewalls

Desired Qualifications:

• 5+ years of experience leading large scale, very complex product portfolios with broad scope and impact across large organizations.
• Experience transitioning teams to agile product and portfolio management.
• One or more of the following:
• Experience building next generation data center network security solutions and scale migration from legacy to the best-in-class data center environment.
• Experience with application delivery services including web application firewalls and web proxy.
• Experience with cloud technologies enabling shift from on-premise infrastructure.
• Experience with network security infrastructure automation.

• Job Expectations and Core Values:

• Be Humble: You're smart yet always interested in learning from others

• Work Transparently: You always deal in an honest, direct, and transparent way.

• Take Ownership: You embrace responsibility and find joy in having the answers

• Learn More: You regularly self-educate and improve your skill set.

• Show Gratitude: You show appreciation and respect to those you work with

• Compensation for this role in NY is between $115,900 to $206,100 depending on experience and level of expertise.

• Compensation for this role in Iselin NJ is between $106,300 to $188,900 depending on experience and level of expertise.

• Compensation for this role in NC, TX and AZ is between $96,600 to $171,800 depending on experience and level of expertise.

• No sponsorship is offered for this role

• Hybrid Work Schedule

• Ability to Travel up to 10%

Posting End Date:

24 Nov 2024

Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

Summary

Apple Services Engineering (ASE), the team behind Apple Services (iCloud, App and Media) and the infrastructure that powers it, is looking for security engineers to partner with engineering teams working on significant services. You will collaborate with developers, site reliability engineers, and security teams to protect ASE services.

Your work will include end-to-end security assurance activities including security architecture, threat modeling and extensive security testing. The ASE Security Red Team focuses on deep technical security review work of critical ASE services and infrastructure. These security reviews will either be scoped and focused on review depth, or objective oriented with exploit chain enumeration.

You will be working with partner teams in security engineering, privacy, detection and design review to keep Apple's services secure for our users. If you love diving into complex and important system, and driving the security of that system over time, we want to talk to you!

• Scope and lead focused security reviews on critical internet scale applications and supporting infrastructure.
• Learn the services architecture and risk profile to build a scope that enables meaningful security review.
• Conduct high-depth and quality reviews.
• Go beyond vulnerabilities by communicating important observations with stakeholders and leadership.
• Lead and scope goal or objective oriented Red Team exercises, including phases of attacker emulation: reconnaissance, exploitation, pivoting, and stealth.
• Help define, document, and automate security best practices.
• Advocate for platform-wide security enhancements.

You will be:

• A technical expert responsible for enumerating risks or exploit chains.
• A technical expert capable of identifying engagement scope, planning reviews, then executing those reviews to identify vulnerabilities and improvement opportunities.
• Able to identify areas that are ripe for improvement and establish appropriate security goals.
• Adept at building relationships with engineering and leadership teams to drive security improvements.
• Current on new security technologies, vulnerabilities, and methodologies.
• An excellent verbal and written communicator.
• Able to develop proof of concept systems to automate security recommendations, vulnerability discovery, and process workflows.
• Responsible for security decisions impacting hundreds of millions of users.

Required Qualifications

• 6+ years in an information security field or software engineering
• Four or more of those years conducting security reviews
• Bachelor's degree in Computer Science / Engineering or a related field, with emphasis in security-related areas (or equivalent experience)
• Extensive infrastructure, cloud, and application security experience
• Ability to reason about security of a large and complex application or infrastructure
• Desire to go deep on complex systems for extended engagements

Preferred Qualifications

• Desire to construct narratives and build exploit chains that relate to the business
• Ability to reason about and influence software architecture for security
• Community contributions like public CVEs, bug bounty recognition, open source tools, blogs, talks etc.
• Threat modeling and communicating risk to engineering and leadership teams

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $166,600 and $296,300, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation.

Learn more about Apple Benefits.

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Additional Information

Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.

Citizens currently has an opening on Operational Risk Management team focused on Cybersecurity risk. The role will provide independent oversight, review, and challenge of information security and technology related risks. The colleague works with key stakeholders across the enterprise ensuring material risks within these groups are well defined and managed appropriately. It is expected that this colleague has strong domain knowledge of emerging technology risks, information security standards, best practices, US regulatory requirements, and the external environment.

• This colleague will be focused on the information security and technology space. Primary responsibilities include independent oversight, review, and challenge of risk management activities within the first line of defense, including the effectiveness of the formal risk program activities. Activities include Risk and Control Self-Assessments, Issues Management, Material Risk Identification, Change Management, new business initiative risk assessments, and other formal programs.
• Advise first line risk partners on complex risk issues and challenges, while identifying and assessing aggregate enterprise-wide risks. Working with key stakeholders, including all three lines of defense, escalate emerging risk issues that require remediation and work directly with stakeholders while driving accountability. Maintain strong relationships with all three lines of defense, as well as the regulatory agencies.
• Understand the external environment, including emerging risks within the industry and the priorities of the regulatory agencies. Determine how these changes affect the risk profile of the enterprise and work with appropriate stakeholders to ensure mitigation strategies are underway.
• Participate in the cybersecurity incident response activities to ensure risks are properly assessed in real time and mitigating actions are appropriate. Post incident, lead or participate in root cause analysis and opine on next steps.
• Lead targeted risk assessments on emerging issues to provide an independent opinion on the impact to the enterprise.
• Operate within existing governance structures with an eye towards making these processes more efficient and effective. Manage applicable policy and program governance, while performing assurance activities to assess corporate wide compliance.
• The role may be co-located as needed with the relevant business and must be actively engaged to support the business with providing domain-relevant advice, monitoring, and credible expert challenge to ensure the independent Operational Risk Management Program is effectively implemented.

Required Experience

• 4+ years risk management experience from working in financial services industry.
• 4+ years demonstrated domain expertise and experience within the information security and technology risk areas.
• Experience in an organization that is under strong regulatory oversight and scrutiny.
• Proven ability to develop and maintain high impact relationships with senior executives.
• Expert knowledge of internal controls and risk assessment
• Deep understanding of banking products and operations; regulatory requirements; and key processes, controls, and exposure areas
• Influencing and conflict resolution skills
• Excellent business writing skills
• Proficient use of MS Word, Excel and PowerPoint

Education

• Bachelor’s degree Required.

Preferred Qualifications

• Certifications Preferred: Certified Information System Security Professional, Certified Information Security Manager Certified Information Systems Auditor, Certified in Risk and Information System Controls, or other relevant risk certifications.

Hours & Work Schedule: Hybrid - 3 days in the office, 2 working from home.

• Hours per Week: 40
• Work Schedule: Monday - Friday
• #LI-CITIZENS2