Info Security Engineer (Dev Team)Job ID 5556610
Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application.
At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology is a team of more than 40,000 information technology and security professionals who help keep Wells Fargo at the forefront of America’s diversified financial services companies. Employees execute an engineering-led IT strategy to deliver stable, secure, scalable and innovative services that provide Wells Fargo global customers ‘round-the-clock’ banking access through in-store, online, ATM, and other channels. Wells Fargo Technology plays a critical role in the company’s customer and employee experience, business and risk management transformation, and growth agenda.
Information and Cyber Security’s (ICS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, ICS protects Wells Fargo’s infrastructure, corporate data, customer assets, and ensures alignment with applicable regulations and laws. ICS is part of Wells Fargo's Technology organization and is led by the Chief Information Security Officer.
Our Information Security team is looking for a strong cyber security professional with extensive experience in software development and system administration to join our Incident Response Development team. This team serves as a software development and infrastructure team within the Cyber Defense and Monitoring group.
- Extensive experience in the following security disciplines and/or activities: network forensics, endpoint forensics, incident response, threat hunting, deep packet analysis, log analysis, system hardening, and offensive security
- Extensive experience in the following software development and system administration disciplines and/or activities: software development lifecycle methodologies, object oriented programming, functional programming, compiled languages, scripting languages, REST API usage, windows API usage, cross platform development, relational database systems, windows server administration, Linux administration, debugging, troubleshooting, automated build systems, technical documentation, secure coding practices, software testing, ticketing systems, and training
- Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security teams will be critical to success
Other Desired Qualifications
- Experience with Security Orchestration and Automated Response (SOAR) tools
- 2+ years of version control system experience
- IIS, Apache, or nginx experience
- Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
- Experience with automated build and continuous integration tools
- Experience with host and/or network log analysis as applied to incident response / threat hunting
- Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
- Strong ability to identify anomalous behavior on endpoint devices and/or network communications
- Strong experience in operating system and application security hardening and best practices
- Strong investigative mindset with an attention to detail
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
- Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
- Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications
NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC
AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ
CA-SF-Financial District: 333 Market St - San Francisco, CA
IA-West Des Moines: 800 S Jordan Creek Pkwy - West Des Moines, IA
IL-Chicago: 10 S Wacker Drive - Chicago, IL
MA-Boston: 125 High Street - Boston, MA
MN-Minneapolis: 550 South 4th St - Minneapolis, MN
MN-Saint Louis Park: 300 Highway 169 S - Saint Louis Park, MN
MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO
NY-New York: 150 E 42nd St - New York, NY
PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA
TX-DAL-Downtown Dallas: 1445 Ross Ave - Dallas, TX
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.