What are the responsibilities and job description for the Threat Modeling Program Operations Lead position at wellsfargo?
Title: Threat Modeling Program Operations Lead
Location: Charlotte, NC
Duration: 9 months
Work Engagement: W2
Work Schedule: 3 days in office/2 days remote
Benefits on offer for this contract position: Health Insurance, Life insurance, 401K and Voluntary Benefits
Summary:
In this contingent resource assignment, you may: Consult on complex initiatives with broad impact and large-scale planning for Information Security Engineering. Review and analyze complex multi-faceted, larger scale or longer-term Information Security Engineering challenges that require in-depth evaluation of multiple factors including intangibles or unprecedented factors. Contribute to the resolution of complex and multi-faceted situations requiring solid understanding of the function, policies, procedures, and compliance requirements that meet deliverables. Strategically collaborate and consult with client personnel.
The Threat Modeling Program Operations Lead is a high judgment operator responsible for running Threat Modeling as a Service (TMaaS) as a scalable, repeatable, and defensible delivery model. This role orchestrates end to end workflows, governs intake and readiness, enforces service boundaries, and eliminates process inefficiencies to achieve step function productivity gains.
The Operations Lead owns the operational backbone of the threat modeling factory: intake triage, readiness enforcement, scheduling, WCA management, and executive reporting. This role also coordinates TMaaS enablement across business units by standardizing service tiers, delivery expectations, communication cadences, and metrics.
The ideal candidate excels at building executive ready dashboards, managing cross cultural delivery across U.S. and India teams, and protecting architect capacity by ensuring only ready, in scope work enters the system.
Key Responsibilities:
Lead and govern Threat Modeling as a Service (TMaaS) operations across the enterprise.
Manage intake, eligibility, readiness, and prioritization of all threat modeling requests.
Ensure only ready, in‑scope work enters the pipeline to protect architect capacity.
Oversee scheduling, capacity planning, and delivery timelines.
Track customer delays (WCA), drive escalations, and surface blockers early.
Maintain Jira workflow accuracy and consistent communication across teams.
Align TMaaS delivery with SDLC timelines, releases, and change windows.
Produce dashboards, reports, and executive‑level insights on throughput, cycle time, and SLA performance.
Drive continuous improvement, process automation, and standardization of TMaaS service tiers.
Coordinate across U.S. and India teams to ensure seamless global delivery.
Required Qualifications:
Applicants must be authorized to work for ANY employer in the U.S. This position is not eligible for visa sponsorship.
Demonstrated experience with program operations, service delivery, or platform governance experience.
Demonstrated ability to run a productized internal service at scale.
Working knowledge of threat modeling concepts and SDLC integration.
High proficiency with Jira, dashboards, and operational reporting tools.
Excellent written and verbal communication skills, including executive-level reporting.
Proven ability to enforce process discipline under pressure and competing demands.
Preferred Qualifications:
Background in application security, AppSec operations, or security service delivery.
Experience launching or operating “X as a Service” models (Security, Platform, DevEx).
Familiarity with cloud, identity, and API centric architectures.
Experience supporting globally distributed delivery teams.
Prior ownership of metrics, SLAs, or internal service health reporting.