About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a leading global financial services company with $2.0 trillion in assets and offices in over 37 countries. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides asset management, capital raising and advisory, financing, foreign exchange, payments, risk management, and trade finance services to support customers who conduct business in the global economy. At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We also value the viewpoints of our team members and encourage them to be their best. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Learn more at our International Careers website .
About Wells Fargo India
Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.
Information and Cyber Security (ICS) is part of Wells Fargo's Technology organization. Through a framework that addresses policy, process, operations, people and technology. ICS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.
The Enterprise Application Security Program enhances the ability of the development organization to consistently deliver highly functional applications that are secure and resilient against attack by developing policies, processes, and tools to proactively embed security into Wells Fargo-developed applications. This position is a Senior Information Security Engineer will perform an Individual contributor role in Enterprise Application Security Program (EASP) contributing to EASP practices from Well Fargo India and Philippines.
- Contribute to the Static Application Security Testing Stream (SAST) practice by enabling scanning tools, preset analysis/customization and processes.
- Contribute to security coding guidelines for different programming languages.
- Understand the EASP program and its implementation across the organization and stay abreast with the changes to the program.
- Enable the program by creating, on-boarding, maintaining and supporting SAST tools in EASP.
- Suggest and execute changes to the program and implement the changes to the enabling tools.
- Integrate with the state side leads to understand requirements and implement them in the practices and tools.
- Develop and leverage the ability to execute any EASP stream assigned.
- Associate with Application Security Champions, Architects and Application development teams in Governance, oversight and enablement of EASP.
- Apply knowledge of information security and application development industry trends and technology to drive organizational change and position to properly manage and remediate vulnerabilities.
- 8+ years of Overall IT experience
- 6+ years of application security Experience
- 3+ years SAST experience (including but not limited to Configuring and Running Scans, Vulnerability analysis, Preset analysis and customization) with Checkmarx.
- 3+ years of experience with all or some of the following practices like Security Requirements, Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
- Knowledge and experience in working with various application security tools and systems.
- Knowledge and experience in identifying and suggesting mitigations to OWASP top 10, CWE/SANS top 25 to development teams.
- Ability to manage multiple priorities in a fast-paced dynamic environment.
- Advanced problem solving skills, ability to develop effective long-term solutions to problems.
- Excellent verbal and written communication skills
- Excellent inter-personal skills contributing to cordial team environment.
- Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
- Experience in drafting application security coding standards.
- Ability to manage highly complex issues and negotiate solutions
- A Bachelor’s degree or higher in information technology
- Knowledge and understanding of Application security threat management and mitigation domain.
- Application security experience with banking/financial services applications.
- Knowledge and understanding of threat modeling and assessment of potential and current information security risk/threats.
- Certified in Industry renowned certifications like CSSLP, CEH etc.,
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
How we hire
This is an example of some common job content that can be shown at the bottom of every job description. It is added in the CMS and then shown on every job. It can be used to supplement the job content that comes from the ATS.
Egestas faucibus lacus a ac aptent ac condimentum risus iaculis a parturient a enim suscipit semper hendrerit feugiat suspendisse lobortis facilisis vel at dolor ornare rutrum a elementum mi. Rhoncus mollis curae penatibus scelerisque suspendisse faucibus phasellus porttitor maecenas amet a amet hac facilisi a urna a vestibulum vestibulum maecenas per adipiscing ultrices.