Information Security Engineer 5
Posted on May 18, 2019 by Wells Fargo
At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.
Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.
Enterprise Information Security's (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargo's infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Enterprise Finance & Information Technology organization and is led by the Chief Information Security Officer.
Our EIS team is looking for a strong cyber security professional with a well-established set of incident response and threat hunting experiences to join our Threat Detection Services (Incident Response) team. The ideal candidate will have experience dealing with threats emanating from the use of PowerShell.
The ideal candidate will additionally have a well-rounded background in endpoint/network defenses and security incident response, as well as some offensive security knowledge to allow the ability to think like an adversary. This role will serve as an incident responder to assess the risk, impact, and scope of identified security threats, as well as leading the response efforts to include containment, eradication, and recovery. Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and concluding a security incident. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security teams will be critical to success.
Note: Charlotte, NC is the preferred work location but will consider other core Wells Fargo locations and telecommute.
- 7+ years of information security applications and systems experience
- 5+ years of Incident Response Protocols and Tools experience
- 5+ years of Security Information and Event Management (SIEM/SIM/SEM) experience
- 3 + years of experience with one or a combination of the following: networking, network security, or application security threat vectors
- Advanced Information Security technical skills and understanding of information security practices and policies
- Ability to manage complex issues and develop solutions
- Excellent verbal and written communication skills
Other Desired Qualifications
- Knowledge and understanding of banking or financial services industry
- Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
- Experience with host-based and/or network-based forensics tools and techniques
- Experience with host and/or network log analysis as applied to incident response / threat hunting
- Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
- Strong ability to identify anomalous behavior on endpoint devices and/or network communications
- Strong experience in operating system and application security hardening and best practices
- Strong investigative mindset with an attention to detail
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
- Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
- Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.