Role: Senior Information Security Engineering - Cyber Threat Intelligence
About Wells Fargo India
Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.
Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, Information and Cyber Security (ICS) team protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.
Our vision is to provide Wells Fargo with world-leading cyber security risk management.
The Cyber Threat Management (CTM) team under Cyber Security Defense and Monitoring (CSD&M) unit, with-in ICS, is responsible for monitoring the cyber threat landscape and performing proactive security assessments that mitigate the organization’s exposure to Advanced Persistent Threats (APT), Advanced Evasion Techniques (AET), Distributed Denial of Service (DDoS) Attacks, Hacktivism, Cyber Crime, Malware, and other categories of online attacks targeting the financial services industry
About the role
Our Information Security team is looking for a Senior Information Security Engineer to join Cyber Threat Intelligence (CTI) team to provide tactical and strategic cyber threat intelligence analysis, assess and analyze attack surface, and delivering ‘actionable intelligence’ with focus on current and emerging cyber-attacks against the Financial Services industry, Wells Fargo.
The candidate will actively engage in the tactical and strategic intelligence cycle, participating in discussions and presentations that enable cyber threat awareness of observed threat activity against the Financial Services industry, Wells Fargo. The candidate will work with internal teams to identify, analyze, and share correlated and enriched threat intelligence to assist incident response and threat detection teams to respond quickly and effectively to current and potential cyber threats.
The candidate will be responsible for leading and implementing cyber risk reduction efforts of Wells Fargo. The Senior Information Security Engineer will work in collaboration with Cyber Defense teams to support cyber risk reduction efforts.
Leads Wells Fargo cyber security incident response activities for moderate to complex events, conducts technical investigation of cyber security-related incidents and conducts post-incident analysis to identify causes and recommend future mitigation strategies. Identifies security vulnerabilities/issues, performs cyber risk exposure assessments, and evaluates remediation alternatives.
Serves as subject matter expert in industry leading security solutions and best practices used to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification/modeling/monitoring, and incident response. May interface with senior management.
- SME in leveraging industry solutions and intelligence gathering techniques to research, identify and report cyber related risks and events of interest relevant to Wells Fargo
- SME in performing in-depth analysis, assess and determine the risk levels leveraging tactical threat intelligence data
- Develop threat models based on emerging threats and attacks, and leverage them to perform deep-dive attack surface analysis
- Identifies and automates the functional tasks / activities processes, develops solutions
- Collaborate with solution engineers and developers for solution and content enhancements
- Perform risk modeling or create risk models to build / enhance cyber risk scoring processes
- Leads and delivers technical presentations and leadership reports
- Clear understanding of risk management practices in general and security risk management best practices and methodologies specifically.
- Maintain confidentiality of the organization security and technology related information
- Maintain a broad understanding of information security technologies and products
- Demonstrated detailed oriented self-starter and the ability to work independently with limited supervision and limited direction, and in collaborative team environments
- The ability to provide support after normal business hours as needed
- A strong ability to multi-task and manage varying priorities and projects
- 6 - 9 years of demonstrated information security engineering/consulting experience with tactical and strategic cyber threat intelligence research, collection, analysis, enrichment and reporting, and associated tools and technologies
- 5+ years of demonstrated experience in performing technical analysis and enrichment of pertinent attacks, threats and their indicators
- 3+ years of demonstrated experience leveraging open source and other subscriptions to deliver tactical and strategic intelligence
- Should possess capabilities & support decision-making efforts on tactical and strategic intelligence tasks
- Demonstrated experience with creating and communication of reports and presentations regarding cyber-attacks, threats and vulnerabilities to various level of personnel within large organization and its vendors
- Should possess understanding of third party/vendor/supply chain cyber footprint and associated risks (attacks, threats, vulnerabilities) over the internet
- Should possess understanding of security and threat landscape relevant to cloud technologies
- Must have a good understanding of the financial services industry, security, risk and privacy
- Must have current knowledge and stay up-to-date on the latest cyber security advisories, alerts and vulnerabilities
- Experience with enterprise security technologies such as SIEM
- Bachelor’s and/or Master’s degree in computer science or information systems
- SANS, CISSP or other relevant certifications highly preferred
- Excellent verbal, written, and interpersonal communication skills
- Experience working in a large enterprise environment
- Strong analytical skills with high attention to detail and accuracy
- Ability to work effectively, as well as independently, in a team environment
- Strong organizational, multi-tasking, and prioritizing skills
- Ability to meet time sensitive deadlines required
- Ability to work collaboratively and build consensus is essential
- Ability to make sound decisions and exercise good judgment
- Ability to work and achieve goals without constant supervision
- Ability to handle confidential material in a professional manner
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
How we hire
This is an example of some common job content that can be shown at the bottom of every job description. It is added in the CMS and then shown on every job. It can be used to supplement the job content that comes from the ATS.
Egestas faucibus lacus a ac aptent ac condimentum risus iaculis a parturient a enim suscipit semper hendrerit feugiat suspendisse lobortis facilisis vel at dolor ornare rutrum a elementum mi. Rhoncus mollis curae penatibus scelerisque suspendisse faucibus phasellus porttitor maecenas amet a amet hac facilisi a urna a vestibulum vestibulum maecenas per adipiscing ultrices.