Secure by Design - Head of Architecture - Technology Director

About this role:

Wells Fargo is seeking a Technology Director. This individual will server as the Head of Security Architecture will lead the enterprise-wide cybersecurity architecture strategy, ensuring robust, scalable, and compliant security solutions across all technology platforms. This role provides technical leadership, governance, and innovation to safeguard critical assets, reduce risk, and align with regulatory frameworks such as NIST, FFIEC, and GLBA. This is a hands-on, deeply technical, and forward-looking architectural leadership role responsible for shaping the future of the company's security posture.

Enterprise Engineering:  Covers strategic roles responsible for technology application development across the enterprise, identifies and resolves abstract, systemic, cross-function issues impacting the effectiveness of the company's technology capability and builds support for strategies with the business and technology leaders

Key Responsibilities

Enterprise Security Architecture Leadership

• Serve as the principal architect and final decision-maker for all enterprise security standards, patterns, and target-state architectures.
• Define, maintain, and own the enterprise security architecture roadmap across all major cybersecurity domains, including Network Security, Cloud Security, Identity and Access Management, Application Security, Data Protection, Cryptography, Threat Management, Vulnerability Management, Endpoint Security, and Security Operations.
• Establish and enforce architecture standards, patterns, and technology disposition policies to ensure consistency and control.
• Manage the architecture for large portfolios of applications and security products, ensuring alignment with current and target state architectures.

Security, Risk & Regulatory Alignment

• Drive and ensure compliance with internal security control requirements and external regulations (e.g., GLBA, PCI DSS, SOX) and industry standards (e.g., NIST, COBIT).
• Serve as the senior technical authority during regulatory exams, audits, and risk committee reviews.
• Architect proactive controls and automation that reduce manual burden and mitigate audit findings.

Technical Strategy & Innovation

• Oversee threat modeling, cryptographic evaluations, and architecture risk assessments for hybrid cloud environments and new data centers.
• Lead the integration of advanced technologies such as AI/ML, Quantum Security, and Zero Trust into the enterprise architecture frameworks.
• Embed security principles into the CI/CD pipeline and champion DevSecOps best practices.

Cross-Functional Leadership & Influence

• Partner with engineering, operations, and business units to embed security by design into all technology initiatives and programs.
• Direct and influence product, engineering, and operations teams on the implementation of security architecture.
• Represent security architecture in executive forums, strategy councils, and enterprise steering committees, effectively communicating complex technical concepts to non-technical stakeholders.

What Success Looks Like

• A unified, modern, and resilient security ecosystem with minimized risk and friction.
• Widespread adoption of architectural guardrails and security standards by all engineering and application teams.
• A demonstrable improvement in security posture, evidenced by a reduction in architectural risk and audit findings.
• Security is recognized as a strategic business enabler and a core component of all technology initiatives.
• Clear and consistent alignment with key regulatory frameworks, including NIST, FFIEC, and GLBA.

Required Qualifications:

• 8+ years of Technology Strategic Leadership experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 4+ years of management or leadership experience

Desired Qualifications:

• 10+ years of experience in cybersecurity architecture leadership roles, preferably within financial services or another highly regulated industry.
• Deep expertise across all major cybersecurity domains: Network and Cloud Security, IAM and Privileged Access, Application Security and DevSecOps, Data Security and Encryption, Threat Detection and Incident Response, Vulnerability and Patch Management, and Security Operations/SIEM.
• Strong knowledge of regulatory frameworks (GLBA, PCI DSS, SOX) and industry standards (NIST, COBIT).
• Proven ability to lead large, cross-functional teams and influence executive stakeholders.
• Advanced degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Professional certifications such as CISSP, CISM, SABSA, or TOGAF.
• Demonstrable experience designing and implementing Zero Trust Architecture.
• Experience leveraging AI-driven security solutions for threat detection, automation, and analytics.

Job Expectations:

• Ability to work on-site in one of the listed locations. This is a hybrid work environment with no option for fully remote work.

• This position is not available for visa sponsorship.

• Ability to travel up to 15% of the time.

Pay Range
 

Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.

Posting End Date:

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.