About this role:
Wells Fargo is seeking a Senior Lead Technology Risk Officer to join the Technology Risk Management Organization within Corporate Risk. In this role, you'll provide second line oversight of cybersecurity risk management practices across the enterprise, ensuring alignment with regulatory expectations, internal risk frameworks, and industry standards. Learn more about the career areas and lines of business at .
In this role, you will:
Evaluate and Challenge (For one or more of the areas listed below):
Cyber Incident Response Oversight: Including classification, investigation, escalation, containment, recovery, and closure to ensure timely and effective handling of cybersecurity events.
Infrastructure security: Including networks, workspace, and data stores.
Application security: Including pen testing, application threat modeling and application security testing
Identity and Access Management Oversight: Including authentication, authorization, privileged access, remote access, and segregation of duties.
Information Protection Oversight: Including data leakage prevention, information classification, encryption, and disclosure controls to ensure sensitive data is adequately protected.
Security Monitoring Oversight: Including the effectiveness of security event monitoring, log collection, dashboard governance, and threat actor analysis to ensure proactive detection and response capabilities.
Vulnerability Management Oversight: Including lifecycle of vulnerability management including discovery, identification, monitoring, remediation, and reporting to ensure timely mitigation of technical risks.
Cyber Threat Intelligence and Adversary Hunting: Including threat intelligence is effectively gathered, analyzed, and used to inform defenses against emerging threats and adversary tactics.
Risk Reporting and Communication: Deliver clear, actionable insights and reporting on cybersecurity risk exposures to senior management, risk committees, and regulatory bodies.
Stakeholder Engagement: Collaborate with first-line cybersecurity teams, technology, compliance, legal, and internal audit to ensure a cohesive and effective cybersecurity risk management approach.
Required Qualifications:
7+ years of Technology Risk experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
Desired Qualifications:
Deep understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and incident response methodologies.
Strong knowledge of identity and access management (IAM) principles, tools, and governance practices.
Expertise in data protection, encryption standards, and information classification.
Experience with security operations, including SIEM, log management, and threat detection technologies.
Expertise with vulnerability management tools, scanning methodologies, and remediation processes.
Knowledge of cyber threat intelligence, adversary behavior analysis, and proactive threat hunting techniques.
Proven ability to assess and challenge cyber risk controls and influence remediation strategies.
Strong communication, analytical, and leadership skills with experience engaging senior stakeholders and regulators.
Experience in a second line of defense or independent cybersecurity risk oversight function is highly desirable.
Job Expectations:
Willingness to work on-site at stated location on the job opening.
This position offers a hybrid work schedule.
This position is not eligible for Visa sponsorship.
Ability to travel internationally and domestically
Posting Locations:
1150 W Washington ST, Tempe, AZ
401 Las Colinas Blvd W, Bldg B, Irving, TX
Arizona – Tempe Pay Range: $159,000.00 - 254,000.00 USD Annually
Texas – Irving Pay Range: $159,000.00 - 254,000.00 USD Annually
Posting End Date:
9 Jul 2026
*Job posting may come down early due to volume of applicants.