Info Security Engineer 2

About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $2.0 trillion in assets. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, insurance, investments, mortgage, and consumer and commercial finance through more than 8,500 locations, 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 42 countries and territories to support customers who conduct business in the global economy. With approximately 273,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 25 on Fortune's 2017 rankings of America's largest corporations. Wells Fargo's vision is to satisfy our customers' financial needs and help them succeed financially. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories .

About Enterprise Global Services
Enterprise Global Services (EGS) enables global talent capabilities for Wells Fargo Bank NA., by supporting over half of Wells Fargo's business lines and staff functions across Technology, Business Services, Risk Services and Knowledge Services. EGS operates in Hyderabad, Bengaluru and Chennai in India and in Manila, Philippines. Learn more about EGS at our International Careers website .

Department Overview
Enterprise Core Services (ECS) group is within the Enterprise Information Technology business and a critical component of the Enterprise CIO operating model aimed at providing common, consistent, and foundational software services and solutions to be used across technology at Wells Fargo. The group includes the strategic development and support of core information management services including data technology blue print, common data services, customer relationship management services and customer due diligence services to be leveraged across all technology teams in Wells Fargo. Additionally their Cloud enablement services is another strategic priority to re-engineer of a significant portion of Wells Fargo's large and complex application portfolio.

About the role
Strong ethics and understanding of ethics in business and information security

Responsibilities
Work on OWASP tools and methodologies
Able to perform manual and automated code reviews.
Security testing tools and software like AppScan, Fortify, WebInspect, CoreImpact etc
Present findings to technical staff and executives
Complete tasks and deliver professionally written reports for business units
Knowledgeable with application security controls
Experience with testing, quality control review, or validation activities.

Market Skills and Certifications
Essential Qualifications:

Should have at least 2+ years of experience in security domain
1.Good understanding of application vulnerability assessments
2.Understands code review across
3.Understanding of security tools (SD Elements and Threadfix)
4.Have knowledge ofinstallation and configuration of Fortify
5.Good knowledge on SDLC processes
6.Good to have knowledge of developing manual security testing scripts and procedures
7.Good to have knowledge in developing dashboard of findings along with exceptions like Thread Fix tool.
8.Other security-related projects/activities that may be assigned according to skills
9.Knowledge of security requirements in SDLC phases.
10.Proficient English language written and oral communication skills
11.Working knowledge of any of the programming language to an extent of developing internet facing applications will be added advantage
12.Good to have Application threat modeling knowledge and experience


Back to top