Information Security Engineering Manager - Security Baselines

About this role:

Wells Fargo is seeking a Information Security Engineering Manager

In this role, you will:

• Manage a team of engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications or endpoint security
• Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy, and standards
• Possess subject matter expertise at a mastery level in current and emerging security solutions and best practices
• Review and correlate security logs
• Manage computer security incident response activities for highly complex events
• Conduct technical investigation of security-related incidents, and conduct post-incident digital forensics to identify causes and recommend future mitigation strategies
• Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Work with more experienced technologists and team
• Interface with more experienced management
• Manage allocation of people and financial resources for Information Security Architecture
• Mentor and guide talent development of direct reports and assist in hiring talent

Required Qualifications:

• 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 2+ years of Leadership experience

Desired Qualifications:

• Bachelor’s or master’s degree in relevant Technology /Security discipline
• One or more professional certifications such as CISSP, CISA, CISM, CCSP, CCSK, CRISC or other industry security certifications
• Strong Information Security technical skills and knowledge to identify, research, and understand security control gaps and program compliance issues
• Delivery of projects/operations/administrative initiatives with strong focus on quality and value creation for the organization/enterprise
• Excellent leadership, stakeholder management, and program management skills.
• Effective verbal, presentation, written and interpersonal communication skills.
• Ability to coordinate completion of multiple tasks and meet aggressive time frames
• Experience in technology consulting companies, global financial institutions or experience in US banking sector is preferred
• Ability to influence across all organizational levels, particularly senior/executive management
• Awareness of industry standards and their applicability to financial organizations.
• Self-motivated individual who seeks continuous self-improvement and thrives in a fast-paced, changing environment

Job Expectations:

• Manage and develop a team of 5–10 Information Security Engineers; set goals, coach performance, and support career growth
• Hire and onboard Information Security Engineers; define expectations and skill development plans aligned to baseline program needs
• Create team norms for delivery, documentation quality, peer reviews, and operational rigor
• Run intake/triage and prioritize work across team, balance urgent risk reduction with planned modernization
• Remove blockers, manage dependencies, and ensure work does not stall; drive predictable throughput
• Lead team response coordination for baseline-related events; ensure rapid mitigation and clear communications
• Track and report progress, risks, and aging items; maintain Jira hygiene and operational visibility
• Oversee (review/approve) the creation, review, and publication of baseline configurations aligned to CIS Benchmarks where applicable
• Ensure policy/requirements are translated into actionable, testable technical configuration guidance
• Set validation expectations (test plans/evidence) and ensure baselines are measurable and maintainable
• Maintain a consumable baseline catalog with versioning, consumption guidance, and exception pathways
• Strong technical depth in baseline configuration/hardening plus at least one adjacent domain; able to coach and review others’ work.
• Set standards for baseline design, documentation, and validation evidence; enforces quality gates
• Provide technical review/approval and mentorship (baseline configuration parameter and settings review)
• Guide the team’s automation approach to reduce toil (templates, scripts, validation checks) through review and prioritization
• Guide responsible AI usage to increase speed safely (verification, secure data handling, traceability)
• Act as a technical escalation and decision point for ambiguous issues—triaging to SMEs/senior ICs as needed
• Risk-based leadership: balances speed, operational burden, and risk reduction
• Integrity & accountability sets expectations, gives direct feedback, and builds a culture of ownership
• Coaching mindset: develops talent through mentorship, timely feedback, and growth plans
• Operational maturity: designs for sustainment (runbooks, supportability, lifecycle management)
• Coordinate across engineering, operations, and governance teams to gather inputs and drive adoption
• Translate security requirements into implementation-ready steps; negotiate timelines and constraints
• Lead working sessions to resolve contested requirements, exception patterns, and operational ownership
• Represent the team in governance/audit/risk reviews; ensure evidence and documentation quality

Relevant domains include

• Security baseline configurations / hardening (explicitly including CIS Benchmarks)
• Scripting/automation/Programming (PowerShell, Python, Bash, C#, Java, etc.)
• AI understanding (practical use cases, limitations, and secure usage)
• Server OS fundamentals (Windows/Linux)
• Network/Firewall concepts (as applicable to baseline requirements)
• Encryption fundamentals (as applicable to baseline requirements)

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.