Information Security Engineering Senior Manager – Cyber Hygiene
About Wells Fargo India
Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.
Wells Fargo views Cybersecurity as enabling lines of business to mitigate cyber security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, Cybersecurity protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.
Our vision is to provide Wells Fargo with world-leading cyber security risk management.
About the Role:
The Cybersecurity line of business is looking for an Information Security Engineering Senior Manager to functionally lead and manage the teams within Cyber Hygiene function.
The Cyber Hygiene focuses on below key areas –
- Enterprise security vulnerability assessment by conducting security scans, providing assessment reports and assisting in risk mitigation. These scans, which may be ad hoc or persistently scheduled, target systems, applications, databases, and wireless devices.
- Configuration management activities by working with security baselines, implementing scans, research, and sharing results with internal partners. Ensures accurate scan results to facilitate downstream reporting efforts
- Responsible for the process to document the secure configuration of technology assets that have configuration settings within the security baseline defined. Execute a consistent and repeatable process for performing baseline work to support the Cybersecurity strategic objectives
- Deliver automation by identifying areas where efficiencies can be gained, understanding the existing process and writing code/building tools that will automate the tasks
- Participates in computer security incident response activities and the technical investigations of security-related incidents. Participates in the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems.
Responsibilities of this position includes:
- Provide technical leadership oversight and guidance to the teams executing and delivering vulnerability assessment/management, information security baseline, and guidance to periodic enhancement, development, integration and operational support of Cyber Hygiene infrastructure and technologies
- Provide technical leadership oversight and guidance to the periodic infrastructure or application configuration management tasks, configuration management process and tools
- Provide technical inputs to streamline or automate process and identify risk appropriately
- Drive and coach the team for high performance. Develop and maintain an accurate knowledge in the above areas
- Identify the required skills for fulfilling the deliverables in the required areas and upkeep the knowledge requirements from time-to-time
- Participate in organizational initiatives that help mature the knowledge levels of the team
The candidate will work as part of highly interactive team that is expected to identify issues and help the team take next logical steps in terms of:
- Escalate to the right team.
- Collaborate with other teams and act quickly on the information gathered/discovered.
- Clearly understand business/regulatory requirements and deliver projects in the above areas.
- 15+ years of information security experience with minimum 8 years of leadership experience and /or people management experience
- Bachelor’s or Master’s degree in relevant Technology /Security discipline
- 5+ years of experience in vulnerability assessments and scans (Operating system and networks), network security, endpoint security, or security threat vectors
- 5+ years of experience in reviewing, creating, and updating Information Security Baselines
- 3+ years of experience with enterprise level vulnerability scan technologies and related infrastructure
- 3+ years of experience in security configuration management domain
- Awareness of industry standards and best practices (NIST, ITSM, ISO27000, PCI)
- Strong attention to detail to ensure documentation, procedures, and information security engineering, administration and operations-related information are accurate and consistent with generally accepted best practices and Wells Fargo policy
- Keeps abreast of latest information security trends specific to banking & financial services industry and security as a practice in general - viz Security Orchestration & Automated response, Latest Risk landscape with respect to technologies
- Demonstrated understanding and experience with information security vulnerabilities, threats, risks, security operations fundamentals, tasks and best practices
- Delivery of projects/operations/administrative initiatives with strong focus on quality and value creation for the organization/enterprise
- Excellent leadership, stakeholder management and program management skills.
- Effective verbal, presentation, written and interpersonal communication skills.
- Experience with global financial institutions
- Self-motivated individual who seeks continuous self-improvement and thrives in a fast-paced, changing environment
- Industry certifications like: ISC2 CISSP, CISM, GIAC or other industry security certifications
- Managed service delivery certifications like ITIL, Six Sigma will be beneficial
- Information Security leadership experience in Infrastructure and Cyber Security technologies and operations, Vulnerability Management, Information Security Risk Management, Cyber Security Operations, managed services delivery
- Experience in technology consulting companies or experience in US banking sector is preferred
- Experience with Cloud Models, policies and procedures, Cloud governance, risk and compliance processes
- Experience with automation
- Awareness of industry standards and their applications to financial organizations.
- Awareness about regulatory requirements for financial institutions and relate them to day-to-day operations.
Leadership Expectations at Wells Fargo:
As a Team Member manager, you are expected to achieve success by leading yourself, your team, and the business. Specifically you will:
Lead an agile engineering team supporting technology solutions development across multiple product or capability domains. Partner with business product managers, lead systems architects, and senior engineers to develop product functional and technical strategy for the domain(s), including development of actionable short and long-term product roadmaps and shaping prioritized features. Oversee engineering teams to deliver commitments aligned to strategic product priorities. Mentor and guide the professional and technical development of senior engineers and lower-level engineering managers and assists in hiring top engineering talent. Collaborate within and across agile teams to design, test, implement, and support technical solutions in full-stack development tools and methodologies. Ensure the craftsmanship, security, availability, resilience, and scalability of solutions developed by the teams or third-party providers. Support implementation of features spanning multiple teams for multiple product or capability domains.
At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.
Posting End Date:21 Dec 2023
*Job posting may come down early due to volume of applicants.
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.