At Wells Fargo, we have one goal: to satisfy our customers’ financial needs and help them achieve their dreams. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Corporate Risk helps all Wells Fargo businesses identify and manage risk. We focus on three key risk areas: credit risk, operational risk and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.
Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.
Enterprise Information Security’s (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.
Our Enterprise Information Security team is looking for a strong cyber security professional with a background in software development and system administration for the Threat Detection Services development team. This team serves as a software development and infrastructure team within the Cyber Defense and Monitoring group. The ideal candidate will have extensive experience in the following security disciplines and/or activities: network forensics, endpoint forensics, incident response, threat hunting, deep packet analysis, log analysis, system hardening, and offensive security. The ideal candidate will additionally have extensive experience in the following software development and system administration disciplines and/or activities: software development lifecycle methodologies, object oriented programming, functional programming, compiled languages, scripting languages, REST API usage, windows API usage, cross platform development, relational database systems, windows server administration, linux administration, debugging, troubleshooting, automated build systems, technical documentation, secure coding practices, software testing, ticketing systems, and training.
This role will serve as an incident responder to assess the risk, impact, and scope of identified security threats, as well as leading the response efforts to include containment, eradication, and recovery. Strong verbal and written communication skills are desired, in order to ensure thorough and accurate documentation for the systems developed and also for communicating findings during an incident response effort. Regular collaboration with multiple teams such as Threat Detection Services, Security Content Development, Cyber Threat Intelligence, Cyber Threat Forensics, and Offensive Security teams will be critical to success.Required Qualifications
- 7+ years of information security applications and systems experience
- 5+ years of Incident Response Protocols and Tools experience
- 5+ years of secure SDLC (System Development Life Cycle) methodologies experience
- 7+ years of advanced scripting experience using Unix Shell Scripting, Perl, Python, Java, or PL-SQL
- 7+ years of application development experience
- Advanced Information Security technical skills and understanding of information security practices and policies
- Ability to manage complex issues and develop solutions
- Excellent verbal and written communication skills
- 5+ years of C# experience
- 7+ years of relational database experience
- 7+ years of Object Oriented Programming (OOP) experience
- 5+ years of database design experience
- 3+ years of version control system experience
- IIS, Apache, or nginx experience
- Experience with Security Orchestration and Automated Response (SOAR) tools
- Experience with automated build and continuous integration tools
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
- Certifications from one or more of the following certification authorities: Global Information Assurance Certification (GIAC), International Information System Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), or Offensive Security.
- All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.