At Wells Fargo, we have one goal: to satisfy our customers’ financial needs and help them achieve their dreams. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Corporate Risk helps all Wells Fargo businesses identify and manage risk. We focus on three key risk areas: credit risk, operational risk, and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.
Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.
Enterprise Information Security’s (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.
The Security Code Review (SCR) team is part of Wells Fargo Enterprise Information Security Cyber Security Defense and Monitoring organization that is responsible for identifying, documenting, and assessing Information Security risks within Wells Fargo critical applications (e.g. Internet, mobile, etc.) using a static methodology for deep-level security code analysis.
We have an excellent opportunity for an experienced static code reviewer to join our team. In this Information Security Engineer 4 - Static Analysis Team position, you will use static analysis tools to quickly analyze application source code for a number of security issues. This opportunity will be executing builds with the static analysis tools on various applications.
Location: This position may sit at any location within the Wells Fargo footprint, or telecommute.Required Qualifications
- 5+ years of information security applications and systems experience
- 3+ years of .net experience
- Advanced Information Security technical skills
- Ability to manage complex issues and develop solutions
- Excellent verbal and written communication skills
- 1+ year of Java experience
- 3+ years of ANT or Maven experience
- Knowledge and understanding of C++
- 3+ years of MS Visual Studio experience
- Fortify Code Analyzer experience
- Ability to identify and manage complex issues and negotiate solutions within a geographically dispersed organization
- Ability to troubleshoot common computer software problems
- Ability to think creatively to find innovative solutions to complex analytical questions
- 2+ years of SAST (Static Analysis Software Testing) experience
- Strong in .Net with some Java or an interest to learn Java
- 5+ years of web applications experience
- 2+ years of process definition and documentation experience
- 1+ year of experience with IIS
- Knowledge and understanding of PHP
- Knowledge and understanding of mobile applications from a static analysis perspective
- All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.