Previous Job
Ref No.: 18-05218
Location: Charlotte, North Carolina
Business Systems Consultant Opportunity in Charlotte, NC/Minneapolis, MN/ or Chandler, AZ!

If interested, please email resumes and 2-3 professional references to Lane Lambert at

Enterprise Information Security is seeking a Business Systems Consultant (BSC) to support FFIEC Regulatory Application Penetration Testing.

In this role, you will also work with the FFIEC Manager, other BSCs, and the Information Security Leaders assigned to different LOB Areas to support the FFIEC program in each LOB area as well as to continuously ensure the timely and full completion of FFIEC Testing of all applications in scope. Communication with the business security team, enterprise application security program, other enterprise information security partners, and development technology partners in each LOB area is critical in this role.

The Business Systems Consultant will:
• Assist with communicating FFIEC program information to various levels of personnel in security, technology, and business areas
• Maintain test progression, test results, and other data in tracking tools for FFIEC and program
• Organize, prepare deliverables, and run various meetings for the FFIEC program in individual LOB Areas
• Coordinate tests with Wells Fargo EIS Security Testers and each LOB Area
• Help maintain the FFIEC program RACI document for individual LOB areas
• Use an application selection methodology to select applications in scope for the FFIEC Program in individual LOB areas
• Maintain sharepoint sites for FFIEC processes
• Create Project Definition Documents (PDDs) for FFIEC program in individual LOB Areas
• Create Business Requirement Documents (BRDs) for FFIEC program in individual Areas
• Assist with yearly scoping and scheduling exercise for the FFIEC program in individual LOB Areas
• Assist with defining FFIEC retest methodology in individual LOB Areas
• Maintain process documentation for the FFIEC program
• Improve processes related to the FFIEC program
• Organize and hold meetings as required for FFIEC program
• Assist with test and FFIEC program issue escalation and problem resolution as required
• Create appropriate actionable metrics for EIS to provide visibility of summary and detailed level status
• Interact with LOB Representatives in every LOB on a regular basis to provide status information, answer questions, and ensure the timely progression of tests
• Meet with and provide updates to EIS management on issues and status regarding the FFIEC program
• Follow-up with and research findings in the various defect tracking tools with the LOB representatives, LOB Representatives, and Information Security Engineers to support the FFIEC program
• Follow-up with and research questions pertinent to the FFIEC program related processes, findings, tools, and tests
• Prepare other ad hoc management level and audit material/documentation as required
• Provide technical support in reviewing technically complex reports, ensuring that each report is compliant with documented minimum content standards.
• Determine missing report content in an organized manner, communicate with the document creators to identify missing content, retrieve it, track their progress in providing the data and bring these reports to compliant status.
• Provide support in translating technical test report documents into an online system of record and notifying corporate risk consultants when the reports are ready for their use.
• Communicate status of reports in progression, from scheduling, assignment, report creation, and system of record entry queue status.

• 5+ years of business systems analysis experience, business systems design experience, or a combination of both. • 4+ years of experience coordinating large numbers of technical engagements and tracking action or mitigation plans • 4+ years of experience of creating and maintaining process and requirements documentation • 3-5 years of experience in reviewing and proofing technical reports to ensure documented technical standards adherence in reports are complete. Be able to communicate effectively with technical team to bring all reports to technically compliant status. Be able to track and report on documentation updated and progress on reviews currently under review. • 3-5 years of experience working in a technical team, reviewing and providing document review feedback to technical staff on reporting requirements. • 3-5 years of experience with Microsoft Office - particularly in Word, Excel, Visio and PowerPoint, as well as Adobe PDR document creation, with skills in Word document formatting, revision control, indexing, comments, with excellent reading comprehension skills of technically complex content. • 3-5 year experience working with a technical team in a support role, able to interact on a high level to review technical documents, provide feedback on missing content and obtain and update reports with compliant content on an ongoing basis.
• Knowledge and understanding of technology project management: administrate and manage project schedules for multiple high profile implementation teams • Process definition and documentation experience • Knowledge and understanding of process flow or procedure writing • Ability to negotiate and facilitate issue resolution • Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important • Ability to take initiative and work independently with minimal supervision in a structured environment • Ability to negotiate, influence, and collaborate to build successful relationships • Ability to organize and manage multiple priorities • Ability to develop reports and metrics • Ability to identify and present processes/operational enhancements • Knowledge and understanding of information security principles, policies, and procedures • Ability to create, review, update and maintain such documentation in Word and PDF format. • Experience in Word formatting and document conversion between Word and PDF. • Skill in creating PDF documentation with protected fields, user input fields, and whole document protection.