Damien McCall

Damien McCall

Vendor Application Security Testing Program Engagement Manager
Wells Fargo

Biography

Wells Fargo VAST Program Engagement Manager, Damien McCall, oversees the externally hosted Third Party Service Provided code review process. His responsibilities include managing the communications between the lines of business and the service providers, reporting metrics to senior management, and continuing to strengthen the application code review process in its entirety. As the Wells Fargo VAST Program Engagement Manager, he manages about 200 applications annually during their Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Manual Penetration Testing (MPT), and Mitigation Proposal Review (MPR) processes.

Damien assumed this role approximately one year ago, moving into the InfoSec space with a 15 year history in IT, with roles ranging from Help Desk Administrator to SOX Auditor to IT Business Analyst.

Prior to joining Wells Fargo Damien has worked for many industry leaders from the Fortune 500 to Fortune 100 companies giving him wide visibility into their challenges with problem solving and resource management.

Damien received his MBA with an emphasis on Project Management from Keller Graduate School of Management at the University of North Carolina at Charlotte and has completed Business Analyst (BA) PDU hours within UNC Charlotte’s Extended Academic Programs.

Presentation Title

Presentation: Partnering with an Enterprise to assist with managing a 3rd Party Supply Chain Management Program while also providing testing services to vendors in the supply chain

Presentation Overview

Managing the risk surrounding a 3rd party supply chain while providing testing services provides unique challenges. In particular, ensuring alignment of objectives and communications amongst the various Enterprise, Vendor, and Veracode teams requires an active, healthy partnership. As more Vendors already using Veracode have been identified to participate in and conform to Wells Fargo’s more mature program requirements, we have developed several tips and techniques to ensure the mutual success of all parties. We and our colleagues at Wells Fargo would like to share those with you. Anthony Braddy, Veracode; Damien McCall, Wells Fargo