Senior Information Security Engineer Sunrise Validations

Wells Fargo Bank•Charlotte, NC

11h•Hybrid

About The Position

Wells Fargo is seeking a Senior Information Security Engineer to partner with leaders across Information Security and Wells Fargo Technology to ensure information security risk is identified, assessed, and addressed during the application Sunrise process. In this role, you will oversee Sunrise validation, guide application and line-of-business teams through required controls and evidence collection and identify gaps against established criteria. You will clearly communicate risk and remediation expectations, and, when needed, consult teams through the exception process. In this role, you will Lead application onboarding through Information Security controls and the Sunrise Validation process. Challenge and coach application teams to ensure required steps are completed, evidence is documented, and risks are escalated appropriately. Create and maintain program documentation, playbooks, and strategy materials. Assess the feasibility and applicability of adding or removing information security validations from Sunrise scope. Drive automation and process improvements that reduce friction for application teams while maintaining strong control coverage. Support delivery of high-profile technology initiatives and regulatory or audit commitments. Ensure supported areas meet compliance and risk management requirements; partner with stakeholders to deliver key risk initiatives. Act as a liaison between Information Security and line-of-business teams to coordinate reviews, decisions, and outcomes. Provide security consulting for medium-complexity initiatives to ensure alignment with corporate information security policies and standards. Drive identification, prioritization, remediation, and sustained closure of self-identified issues, audit issues, corrective actions, and other high-priority security commitments. Design, document, test, and maintain moderately complex security solutions across areas such as networking, cryptography, cloud, IAM (authentication/directory services), email/internet security, application security, and endpoint security. Apply industry-leading security solutions and best practices across availability, integrity, confidentiality, risk management, threat identification/modeling, monitoring, incident response, access management, and business continuity. Collaborate with peers, partners, and leaders to resolve issues, remove blockers, and deliver outcomes.

Requirements

4+ years of Information Security Engineering experience (or equivalent demonstrated through work experience, training, military experience, or education)
2+ years of experience in compliance or operational risk management (e.g., audit, legal, credit risk, market risk), or accountability for compliance/operational risk in a business process
Ability to translate technical risk and information protection findings into clear, actionable guidance for business and technology leaders
4+ years of software development or digital product management experience
Financial services industry experience
Advanced experience in the use of Jira as a product manager
Strong Microsoft Office skills (Excel, PowerPoint, Word)
Excellent verbal, written, and interpersonal communication skills
Strong analytical and problem-solving skills with high attention to detail
Ability to influence and partner effectively across all levels of the organization

Responsibilities

Lead application onboarding through Information Security controls and the Sunrise Validation process.
Challenge and coach application teams to ensure required steps are completed, evidence is documented, and risks are escalated appropriately.
Create and maintain program documentation, playbooks, and strategy materials.
Assess the feasibility and applicability of adding or removing information security validations from Sunrise scope.
Drive automation and process improvements that reduce friction for application teams while maintaining strong control coverage.
Support delivery of high-profile technology initiatives and regulatory or audit commitments.
Ensure supported areas meet compliance and risk management requirements; partner with stakeholders to deliver key risk initiatives.
Act as a liaison between Information Security and line-of-business teams to coordinate reviews, decisions, and outcomes.
Provide security consulting for medium-complexity initiatives to ensure alignment with corporate information security policies and standards.
Drive identification, prioritization, remediation, and sustained closure of self-identified issues, audit issues, corrective actions, and other high-priority security commitments.
Design, document, test, and maintain moderately complex security solutions across areas such as networking, cryptography, cloud, IAM (authentication/directory services), email/internet security, application security, and endpoint security.
Apply industry-leading security solutions and best practices across availability, integrity, confidentiality, risk management, threat identification/modeling, monitoring, incident response, access management, and business continuity.
Collaborate with peers, partners, and leaders to resolve issues, remove blockers, and deliver outcomes.