Info Security Engineer 5 - Application Incident Response & Research

Job Description
At Wells Fargo, we have one goal: to satisfy our customers' financial needs and help them achieve their dreams. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.
The engineer will be responsible for providing thorough and accurate research of application security risks in their research of 0day vulnerabilities and application incidents. The engineer will play a major role in application incident response activities, including developing indicators of compromise, exploit signatures, and patch analysis requiring regular collaboration with various defensive and offensive teams within the organization. Performs application security incident response and vulnerability research activities and technical investigations of application security related incidents. Partners with senior level engineers to identify security vulnerabilities and respond to incidents. Acts as professional ethical penetration tester utilizing hacking tools to modify or create proof of concept exploits that mimic techniques of attackers to identify vulnerabilities and associate with a severity rating by deriving impact and ease of exploit.
Performs security risk assessments to ensure compliance with corporate information security policies and adherence to best practices. Conducts research, analysis, testing and implementation of complex web applications and firmware vulnerabilities. Identifies security vulnerabilities for the company's, application systems, application dependencies, including hardware infrastructure and emerging technologies to improve the enterprise information security posture. Communicates to the line of business, CIO areas, and relevant third parties on the inherent risks, providing meaningful hardening and mitigation strategies. Provides guidance and leadership to Information Security Engineers and acts as a mentor for these engineers interested in penetration testing and offensive security. This position is a part of the Cyber Threat Management - Application Incident Response and Research team.
Responsibilities include:

  • Incident management for 0day application vulnerabilities
  • Creation of 0day identification tools
  • Identification of 0day application vulnerabilities
  • Conducting web-based application penetration tests
  • Source code audits
  • Hands-on technical security evaluations and implementations
  • Developing custom penetration testing techniques and tools.
  • Install, configure, use and maintain testing tools as well as vulnerable applications/environments
  • Manually verify security vulnerabilities
  • Document identified 0day vulnerabilities and related matters in a clear, concise and timely manner
  • Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation
  • Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities
  • Update documentation as required
  • Maintain electronic or paper trail of testing activity for audit purposes
  • Maintain confidentiality of authentication credentials, sensitive application information and test results before, during and after completion of compliance testing and/or retesting
  • Providing adhoc penetration testing as necessary
  • Providing application security consulting SME Support to developers
  • Providing for root cause analysis and incident management investigation
  • Providing security training as required
  • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
  • Develop and review malicious use cases/threat models
  • Maintain a broad understanding of security technologies and products
  • Actively participate on improving the security culture and education throughout the organization.

Required Qualifications
  • 7+ years of information security applications and systems experience
  • 2+ years of experience creating proof of concepts, creating exploits, or a combination of both
  • 2+ years of experience in one or a combination of the following: Java, .net MVC via application development, exploit development via an interactive testing model or a source code vulnerability analysis model.
  • 1+ year 0day vulnerability discovery and research experience.

Desired Qualifications
  • Advanced Information Security technical skills and understanding of information security practices and policies
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • Experience working in a large enterprise environment
  • Ability to manage multiple and competing priorities
  • Ability to take on a high level of responsibility, initiative, and accountability
  • Ability to work with limited supervision
  • Good attention to detail and accuracy skills
  • Knowledge and understanding of banking or financial services industry
  • Knowledge and understanding of information security industry standards and government regulations
  • Strong analytical skills with high attention to detail and accuracy
  • Strong collaboration and partnering skills
  • Strong organizational, multi-tasking, and prioritizing skills
  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE)

Other Desired Qualifications
  • 2+ years of information security experience in converged testing (red teaming)
  • 1+ year of experience in network, social, and physical domains

Job Expectations
  • Ability to work outside of regular business hours


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Back to top