Lead Information Security Engineer

In this role you will:

• Provide technical and professional guidance to less experienced staff. Given the nature of the encryption technologies the team environment is very fast paced and requires the ability to drive to solutions as an individual and to work effectively with the team as well.
• Be responsible for infrastructure design engineering automation and day to day management of Crypto infrastructure. This infrastructure consists of Windows and Linux servers software and hardware-based appliances and Hardware Security Modules (HSMs) leveraged to provide Cryptographic capabilities companywide at Wells Fargo.
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as automation availability integrity confidentiality risk management threat identification modeling monitoring incident response access management and business continuity.
• Participate in the research analysis design testing and implementation of complex information protection technologies alongside other teams within our organization.
• Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies.
• Develop and implement synthetic transaction monitoring to simulate user interactions ensuring continuous performance and availability of critical applications.
• Integrate self-healing technologies into the security architecture automating responses to incidents and reducing manual intervention.
• Work with vendors to understand the technology vendors roadmap help to influence that roadmap and ensure requests for technology/product enhancements are meeting the needs of Wells Fargo.
• Work with partner engineering teams on identification and remediation of security vulnerabilities and may also conduct risk assessments of Infrastructure to ensure compliance with corporate security policies and adherence to best practices.
• Provide periodic 24/7 on-call support rotation and some work will be required to be done during off hours.
• Need to be capable of creating technical/engineering documentation and have excellent written and oral communication.
• Lead incident response activities for highly complex events

Required Qualifications:

• 5 years of Information Security Engineering experience or equivalent demonstrated through one or a combination of the following: work experience training military experience education.
• 5 years of intermediate to advanced level experience with scripting/automation using tools such as: Bash PowerShell Python Ansible VBScript or JavaScript UI path etc.
• 5 years of Unix/Linux Systems Administration experience with in-depth knowledge of troubleshooting OS hardening and OS tuning.
• 5 years of experience with encryption or tokenization technologies.
• 3 years of experience performing builds administration and/or support of hardware security modules or security appliance devices.
• Advanced Knowledge of Cryptographic protocols & algorithms.
• Understanding of (format preserving encryption) FPE tokenization and TDE (transparent data encryption) etc.
• Knowledge and understanding of implementing infrastructure upgrades security patches version upgrades for systems appliances and HSMs
• Experience with Agile Scrum or Kanban methodologies.
• Proven experience with change and incident management practices in medium to large enterprise environments.

Desired Qualifications:

• Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization within a large enterprise environment.
• Experience with application support in Linux and Windows server environments.
• Experience performing technical product assessments including development of implementation plans in a large enterprise.
• Experience mentoring/guiding less experienced staff.
• Strong analytical skills with high attention to detail and accuracy.
• Advanced critical thinking problem solving and technical troubleshooting abilities.
• Ability to identify and assess issues then make sound decisions.
• Security certifications such as CISSP GIAC or equivalent.
• Cloud certifications such as AZ-900 MS-900 or equivalent/higher.
• Strong verbal written and interpersonal communication skills.
• Advanced scripting skills specifically around log rotation data collection error collection and alerting.
• Knowledge and understanding of implementing infrastructure upgrades security patches or version upgrades.
• Experience with Thales CipherTrust Key Manager and CipherTrust Transparent Encryption (CTE).
• Experience designing developing and implementing synthetic transactions for the monitoring of applications and/or infrastructure.
• Experience with Puppet/Chef/Ansible or similar automation tools.
• Public cloud engineering or support experience.
• Knowledge and understanding of Splunk.
• Knowledge and understanding of Cryptographic Technologies and Key Management.
• Knowledge and understanding of banking or the financial services industry.
• Ability to coordinate completion of multiple tasks and meet aggressive time frames.
• Application development experience.

Job Expectations:

• Ability to work on call /off-hours as assigned per the Team on-call rotation.
• Ability to travel up to 5% of the time.
• This position is not eligible for Visa Sponsorship.
• No C2C
• Onsite work required 3x weekly

Posting End Date:

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability status as a protected veteran or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit Market Financial Crimes Operational Regulatory Compliance) which includes effectively following and adhering to applicable Wells Fargo policies and procedures appropriately fulfilling risk and compliance obligations timely and effective escalation and remediation of issues and making sound risk decisions. There is emphasis on proactive monitoring governance risk identification and escalation as well as making sound risk decisions commensurate with the business units risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates including women persons with disabilities aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process visitDisability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.