[Skip To Content]
Laptop

Senior Information Security Analyst - IPD - CCAS

  • Technology
  • Full time
  • R-560374

About this role:

Wells Fargo is seeking a Senior Information Security Analyst to serve as a hands-on technical contributor focused on cryptographic controls, automation, and remediation execution.


In this role, you will:

  • Provide information security consultation to improve awareness and compliance with Enterprise Information Security policy, processes and standards

  • Perform remediation of security assessment review issues, complex ad hoc data, and reporting to support information security risk management

  • Provide guidance and direction in reviewing assessment findings and mitigating controls to optimize information security

  • Identify and direct information asset portfolio reconciliations and certifications

  • Provide advanced data aggregation and data of information security risk exposure

  • Develop and deliver Information Security Education Awareness and Training in accordance with the Enterprise Information Security Program standards

  • Review draft and proposed control standards for business impact and recommend modifications or clarifications as required

  • Conduct security control testing and consultation with stakeholders

  • Evaluate and interpret internal and Enterprise Information Security policies, processes and standards, and provide recommendations to improve them

  • Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals

  • Interact with internal customers

  • Serve as a mentor to less experienced staff


Required Qualifications:

  • 4+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education


Desired Qualifications:

  • Experience in information security, cryptography, cybersecurity engineering, or control execution

  • Strong understanding of cryptographic concepts including PKI, digital certificates, encryption, and key management lifecycle controls

  • Experience with vulnerability and certificate scanning tools such as Qualys and Venafi

  • Experience with endpoint or infrastructure scanning platforms such as Tanium

  • Strong hands-on experience with Python, SQL, and API integration for automation and data processing

  • Experience using ServiceNow or similar platforms for remediation tracking, workflow orchestration, and ticket management

  • Ability to analyze large datasets, identify root causes, and drive remediation of complex security issues

  • Strong troubleshooting skills across cryptographic implementations, system configurations, and data sources

  • Understanding of security policies, control requirements, and governance expectations related to cryptographic controls

  • Experience with enterprise certificate lifecycle management and PKI governance processes

  • Experience building automated workflows for vulnerability detection, remediation tracking, and reporting

  • Experience integrating security platforms and consolidating data across systems of record

  • Experience with data visualization or reporting tools to support risk and control transparency

  • Familiarity with SDLC integration and embedding security controls into development workflows

  • Experience supporting audit, evidence generation, and control validation activities

  • Demonstrated ability to design scalable solutions that improve control consistency and reduce manual effort


Job Expectations:

  • Specializes in digital certificates, Public Key Infrastructure (PKI), encryption key management, and data protection controls across data at rest and in transit.

  • Analyze large-scale security datasets to identify non-compliant cryptographic implementations, troubleshoot configuration issues, and drive remediation across enterprise platforms such as Qualys, Venafi, Tanium, and ServiceNow. This role will design and implement automation solutions using Python, SQL, and APIs to improve visibility, reduce manual analysis, and enable scalable enforcement of cryptographic standards.

  • In addition to technical execution, integrate policy-aligned cryptographic baselines into workflows and SDLC processes, ensuring consistent, measurable control implementation aligned to enterprise policy requirements for certificate management and key lifecycle controls.

  • Analyze and interpret security data to identify cryptographic vulnerabilities, non-adherence, and configuration gaps across enterprise platforms

  • Drive remediation of non-compliant digital certificates, encryption configurations, and key management practices in alignment with policy and control requirements

  • Build automation solutions using Python, SQL, and APIs to streamline data ingestion, analysis, and remediation tracking

  • Integrate cryptographic controls into automated workflows and SDLC processes to ensure consistent application of standards

  • Leverage enterprise tools including Qualys, Venafi, Tanium, and ServiceNow to manage detection, tracking, and remediation of cryptographic issues

  • Design scalable, end-to-end solutions to improve visibility into cryptographic risk and control effectiveness

  • Support certificate lifecycle management activities, including discovery, validation, renewal, and removal of non-adherent certificates

  • Troubleshoot PKI-related issues, certificate misconfigurations, and key management lifecycle gaps

  • Partner with application and infrastructure teams to provide guidance, resolve issues, and accelerate remediation timelines

  • Communicate findings, risk impacts, and remediation priorities to stakeholders to enable informed decision-making

Posting End Date: 

21 Jul 2026

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

 

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.


Rejoignez notre communauté de talents

En savoir plus sur les événements à venir et les opportunités de carrière chez Wells Fargo.

Rejoignez vous
JK 1212 1236 B 4MP