Lead Cyber Security Research Consultant

About this role:

We are seeking a Lead Cyber Security Research Engineer to perform adversary emulation by simulating real‑world threat actor attacks. This role supports Wells Fargo Lines of Business by providing actionable insights into indicators of compromise and adversary tools, tactics, and procedures (TTPs), enabling improved detection and response capabilities across the enterprise.

The successful candidate will design, create, and execute end‑to‑end attack chains in collaboration with Threat Simulation team members and will debrief leadership and business owners to demonstrate how chained weaknesses can be combined to achieve higher‑impact outcomes. The role requires the ability to leverage advanced offensive security tools, develop proof‑of‑concept exploits, and clearly document attack paths so they can be reliably reproduced and used to inform defensive improvements.

This position is responsible for researching, analyzing, designing, testing, and implementing complex technologies, systems, and applications in support of adversarial operations. The role reports to Cyber Threat Management – Offensive Security Research Team (OSRT - Red Team).

In this role, you will:

• Lead initiatives including the research, analysis, design, testing and implementation of the most complex computer network security and protection technologies for company information and network systems and applications
• Act as professional red teamer utilizing hacking tools to modify or create proof of concept exploits that mimic techniques of the most sophisticated attackers
• Review and analyze complex advanced computer security incident response activities and technical investigations of information security related incidents
• Identify vulnerabilities and associate those to a severity rating by deriving impact and ease of exploit
• Conduct security risk assessments to ensure compliance with corporate information security policies and adherence to best practices
• Communicate to the line of business on the inherent risks, providing meaningful mitigation strategies
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

Required Qualifications:

• 5+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 4+ years of information security experience in converged testing (red teaming)
• 4+ years of performing white hat exploitation and post-exploitation experience
• 2+ year of experience in network, social, and physical domains
• Proven ability to translate complex technical concepts into clear, actionable insights for audiences ranging from deep technical practitioners to business partners and executive leadership.

Desired Qualifications:

• Knowledge of Python, PowerShell, and Shell Scripting
• Previous experience with common command-and-control (C2) frameworks such as Cobalt Strike and Mythic or other advanced red team tooling
• Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
• Experience in one or a combination of the following: creating proofs of concept, creating exploits, or reverse engineering
• Experience performing security assessments against cloud service providers (Azure/ GCP) and/or AI technologies
• Ability to handle confidential material in a professional manner
• Knowledge and understanding of banking or financial services industry
• Experience working in a large enterprise environment
• Knowledge and understanding of system/application architecture and design concepts

Job Expectations:

• This position offers a hybrid work schedule
• This position is not eligible for Visa sponsorship
• Demonstrate proficiency in using AI‑assisted development and analysis tools (e.g., GitHub Copilot and approved code‑centric agents)
• Leverage AI to accelerate system design, coding, testing, analysis, and troubleshooting
• Apply strong technical judgment when validating and integrating AI‑assisted outputs into solutions
• Understand and account for model limitations, security risks, and operational considerations
• Apply AI responsibly in development and production environments
• Ensure AI usage aligns with security, compliance, privacy, and ethical standards

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.