Wells Fargo is seeking a Lead Technology Control Officer to support execution of the Platform Assurance program within Technology Control. This role provides testing, advanced control assessment expertise, conducts deep‑dive risk evaluations across critical platforms, and partners with Technology, Cyber Security, Architecture, and Control Management teams to identify and mitigate risk.
The Lead Officer will help drive platform testing activities, support issue management, contribute to control framework enhancements, and ensure adherence to corporate risk programs and regulatory expectations.
Lead and perform complex platform assurance assessments across IT General Controls (ITGC), platform engineering controls, and supporting technology services, including technical walkthroughs, testing plans, evidence reviews, and control discussions across diverse stakeholder groups.
Conduct hands-on control testing and evaluation for emerging technology including cloud (Google Cloud Platform (GCP), Amazon Web Services (AWS), and Azure), private cloud, Identity and Access Management (IAM), CI/CD, data platforms, databases, and container platforms.
Identify and assess Consumer/Producer requirements and evaluate their implementation across enabling technologies and system-of-record governance.
Analyze evidence, document findings, assess platform risk posture, and identify technology risks related to access, configuration, deployment pipelines, data protection, and operational resilience.
Support issue lifecycle activities including root cause analysis, remediation plan review, control design improvement, evidence validation, and support remediation with platform engineering, cyber security, architecture, and application teams.
Contribute to thematic analysis across assessment outputs, threat modeling, Red Team exercises, and audit reviews.
Assist with maintaining and maturing the platform control framework across Cloud, IAM, CI/CD, Data Management, and PAM domains, and contribute to initiatives that improve the control environment, technology risk governance, overall program maturity, assessment methodology, testing processes, automation, and telemetry-based monitoring.
Support governance routines, audit readiness, regulatory documentation, senior reporting packages, assessment artifacts, testing documentation, and risk summaries for leadership and committees.
Build effective relationships across Technology and Control Management to drive consistent risk management practices.
Stay current on emerging technology trends, cloud control models, and regulatory expectations impacting financial institutions.
Provide guidance and mentorship to junior assessors and team members.
Certifications such as Cloud Security Engineer, Security Architect, CISSP, CISA, CRISC, or similar.
Experience with monitoring tools, configuration management, or automation technologies.
Knowledge of encryption standards, data protection, container security, or identity governance frameworks.
Strong written and verbal communication skills and the ability to collaborate across diverse partner groups.
Ability to manage multiple assessments and deadlines in a matrixed environment.
Ability to engage and influence partners across Technology, Cyber Security, Architecture, and Risk.
Ability to perform complex assessments and clearly convey control weaknesses and recommendations.
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities.