Lead Information Security Analyst – GRC Project Leadership Chandler

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans Transitioning Military National Guard and Reserve Members Military Spouses Wounded Warriors and their Caregivers. If you have the required skill set education requirements and experience please click the submit button and follow the next steps. All positions are onsite unless otherwise stated.

About this role:
Wells Fargo is seeking a Lead Information Security Analyst to join a dynamic team dedicated to safeguarding our customers and the companys most critical this pivotal role you will provide technical leadership in Cybersecurity Governance Risk and Compliance while driving projects and mentoring team members to achieve exceptional results. Youre the kind of person who can lead is coachable and enjoys partnering with others to complete projects.

The position requires deep expertise in policy compliance and vulnerability management with a strong focus on cryptography encryption key lifecycle management and digital certificate governance. The ideal candidate will have demonstrated experience in designing and implementing policy compliance or vulnerability management programs and leading initiatives or teams to successful completion. Most of all we need a person who can manage cyber projects has keen organizational skills and is highly collaborative.

This is a hybrid role at Wells Fargo.
There is no Visa sponsorship or Visa Transfers.
The position is seated in the location posted on the requisition.

In this role you will:

• Provide advanced information security consultation for policy compliance risk management security controls and remediation monitoring
• Lead projects and coordinate team efforts to ensure timely delivery of security initiatives
• Direct information security risk assessment and research and recommend remediation plans and strategies
• Perform Governance Risk and Compliance activities to identify and prioritize key risk areas monitor remediation and escalate critical risks to senior management
• Conduct user engagement on vulnerabilities and identified areas of policy non-adherence report and advise on moderately complex remediation or mitigation plans
• Design document test maintain and provide issue resolution recommendations for moderately complex security solutions related to networking cryptography encryption keys and digital certificates
• Review and correlate technical data such as vulnerability or endpoint scanning reports (e.g. Qualys Tanium) key and certificate management reports and security logs
• Analyze identified vulnerabilities assess their potential impact and prioritize remediation efforts based on risk levels
• Develop and maintain security policies and procedures related to information protection encryption and certificate management
• Create detailed process documentation and governance artifacts for security controls metrics and escalation routines

• IT Security certification (CISSP CRISC GIAC Cloud etc)

• 5 years of Information Security experience or equivalent demonstrated through one or a combination of the following: work experience training military experience education
• 4 years in a vulnerability management or governance risk and compliance role identifying and prioritizing areas of policy non-adherence report development remediation monitoring and escalation to senior management
• Strong experience with vulnerability or endpoint scanning tools (e.g. Qualys Tanium)
• Solid understanding of cryptography encryption key management and digital certificate lifecycle
• Proven ability to lead projects and/or teams including planning coordination and delivery

• IT Security certification (CISSP CRISC GIAC Cloud etc)
• Demonstrated expertise of Governance Risk and Compliance principles for monitoring adherence to Information Security policies
• Experience with or strong conceptual understanding of data protection principles frameworks and technologies
• Knowledge of Cloud service providers such as Amazon Web Services (AWS) Google Cloud Platform (GCP) or MS Azure
• Documentation skills including design diagrams process flows security controls and evidence archival
• Proven ability to plan manage and deliver complex projects or security initiatives including defining scope setting timelines coordinating resources and ensuring successful outcomes
• Knowledge of financial institution security procedures and data protection principles
• Experience with Agile methodology and product delivery
• Ability to communicate confidently and professionally
• Ability to negotiate influence and collaborate to build successful relationships
• Strong time management skills including the ability to handle multiple deliverables concurrently
• Ability to influence across all organizational levels

• Work independently and lead governance routines on a regular cadence
• Identify security vulnerabilities perform product mapping conduct trend analysis perform risk assessments and evaluate remediation alternatives
• Engage with stakeholders to monitor remediation and escalate critical risks
• Prepare executive ready
• Develop and maintain documentation for security controls and metrics governance routines escalation events and consequence model
• Drive continuous improvement in policy adherence monitoring vulnerability management and cryptographic security processes

• 1 Feb 2026
• *Job posting may come down early due to volume of applicants.