Senior Information Security Engineer

About this role:

Wells Fargo is seeking a Senior Information Security Engineer in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com.

Wells Fargo is seeking a Senior Information Security Engineer for the Threat Disruptions (TD) Team within the Advanced Operational Services (AOS) organization of Cybersecurity. The TD team plays a critical role in protecting the company's digital environment by proactively identifying, mitigating, and disrupting cyber threats. The team's responsibilities include responding to and neutralizing phishing attempts reported by employees, dismantling brand infringement campaigns, and taking down malicious URLs targeting the organization. TD leverages multitude of advanced cyber security tools to investigate suspicious email related events. Additionally, TD manages and fine tunes Domain based Message Authentication, Reporting, and Conformance (DMARC) and Domain Name System (DNS) configurations to prevent spoofing to better safeguard the company's online presence.

In this role, you will:

• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Review and correlate security logs
• Play a major role in phishing disruption efforts, including creation of new logic and procedures to identify phishing attacks impacting Wells Fargo customers and employees
• Lead or participate in computer security incident response activities for moderately complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 1+ year of Splunk experience

• Strong investigative mindset with an attention to detail
• Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
• Experience detecting and mitigating phishing attacks directed towards employees and the company brand
• Experience creating regular expressions and YARA rules
• Ability to manage complex issues and develop solutions
• Experience in one or more of the following security disciplines: information security monitoring; incident response; vulnerability management; host/network forensics; cyber-crime investigations; Domain-based Message Authentication, Reporting and Conformance (DMARC); or cyber threat intelligence.
• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
• Certifications in one or more of the following: Global Information Assurance Certification (GIAC); Offensive Security Certified Professional (OSCP); or equivalent
• Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
• Experience with host and/or network log analysis as applied to incident response / threat hunting
• Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
• Strong experience in operating system and application security hardening and best practices

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement