Skip to main content

Senior Information Security Engineer - Application Security - SDElements

­­­­About Wells Fargo

Wells Fargo & Compa­­­­­­­­ny (NYSE: WFC) is a leading global financial services company with $2.0 trillion in assets and offices in over 37 countries. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides asset management, capital raising and advisory, financing, foreign exchange, payments, risk management, and trade finance services to support customers who conduct business in the global economy. At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We also value the viewpoints of our team members and encourage them to be their best. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Learn more at our  International Careers website .

About Wells Fargo India

Wells Fargo India  enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.

Department Overview

Information and Cyber Security (ICS) is part of Wells Fargo's Technology organization. Through a framework that addresses policy, process, operations, people and technology. ICS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.

About Role:

The Enterprise Application Security Program enhances the ability of the development organization to consistently deliver highly functional applications that are secure and resilient against attack by developing policies, processes, and tools to proactively embed security into Wells Fargo-developed applications. This position is a Senior Information Security Engineer will perform an Individual contributor role in Enterprise Application Security Program (EASP) contributing to EASP practices from Well Fargo India and Philippines.


  • Contribute to the Security Requirements stream and customize SDElements Content and features as per Wells Fargo policies
  • Contribute and enhance Security requirements with industry trends to enable Wells Fargo adopted technology advancements to align with Wells Fargo's risk Appetite.
  • Review the team's deliverables, troubleshooting any issues and suggest ways to improve processes.
  • Contribute to security coding guidelines stream for different programming languages including drafting, publishing, and providing appropriate code snippets.
  • Understand the EASP program and its implementation across the organization, stay abreast with the changes to the program and suggest solutions for emerging threat landscape.
  • Suggest and execute changes to the program and implement the changes to the enabling tools.
  • Partner with the state side leads to understand requirements of the program and implement them in the practices and tools.
  • Execute any EASP stream assigned from WFIP.
  • Apply knowledge of information security and application development industry trends and technology to drive organizational change and position to properly manage and remediate vulnerabilities.

Essential Qualifications:

  • 8+ years of Overall IT experience
  • 6+ years of Application Security Experience
  • 3+ years of experience with all or some of the following practices like Security Requirements, Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
  • Expert level understanding and experience with all or some of the following practices like Security Requirements, Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
  • Expert level Knowledge and experience in working with various application security tools namely SDElements and Checkmarx.
  • Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
  • Experience in drafting application security coding standards.
  • Expert level knowledge and experience in identifying and suggesting mitigations to OWASP top 10, CWE/SANS top 25 to development teams.
  • Ability to develop expertise in Information Security Standards, Policies, Procedures and Controls.
  • Ability to lead a stream and deliver as per the program needs.
  • Ability to manage multiple priorities in a fast-paced dynamic environment.
  • Advanced problem-solving skills, ability to develop effective long-term solutions to problems.
  • Excellent verbal and written communication skills and stakeholder management.
  • Excellent inter-personal skills contributing to cordial team environment.

Desired Skills:

  • Excellent verbal, written, and interpersonal communication skills
  • Application security experience with banking/financial services applications or large enterprise.
  • Strong analytical skills with high attention to detail and accuracy
  • Ability to work effectively, as well as independently, in a team environment
  • Strong organizational, multi-tasking, and prioritizing skills
  • Ability to meet time sensitive deadlines required
  • Ability to work collaboratively and build consensus is essential
  • Ability to make sound decisions and exercise good judgment
  • Ability to work and achieve goals without constant supervision
  • Ability to handle confidential material in a professional manner
  • Industry certification such as CSSLP and CEH.


We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Join our talent community

Learn about upcoming events and career opportunities at Wells Fargo

Join now
JK 1212 1236 B 4MP