Wells Fargo

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

Information Security Engineer 6 - Cloud Security

at Wells Fargo

Posted: 1/2/2020
Job Reference #: 14032410
Keywords: engineer

Job Description

Job Description

At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology offers technology and services that exceed Wells Fargo customers’ expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers’ financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.
The Cloud & Platform Security Solutions Engineering (CPSSE) team is part of the Information Security (IS) group under Wells Fargo Technology.   
CPSSE provides security solutions engineering for all Cloud and Distributed Systems platforms through innovation, commitment and accountability, and delivery of quality products and services. Position is responsible for security solutions design, implementation, consulting, and security governance guidance around cloud platforms, virtualization technologies, containerization, security controls, and emerging technologies.  Position will be responsible to apply in-depth Information Security experience, knowledge, and breadth in order to provide solutions for emerging cloud platforms and technology security risks, and improve the enterprise’s security posture. Position acts as a liaison to the owning technology LOB or area, cloud security program and supporting projects, Information Security (IS) focus areas, and peer teams across Information Security and Wells Fargo's Technology organization, to understand business processes and requirements and then provides security solutions design to enable risk mitigation across the enterprise.

This requisition has multiple openings for Technical Senior lnformation Security Engineer (ISE6) positions. 

Roles & Responsibilities may include:
* Serve as one of the senior level cloud security engineers / DevSecOps engineer / SME's for high visibility cloud computing initiatives
* Evangelize opportunities, challenges, and security advantages of integrated cloud services
* Analyze and design cloud security capabilities encompassing: DevOps, automation, access, connectivity
* Analyze and design controls to secure different cloud deployment and service models
* Architect, design, and implement secure cloud frameworks
* Design, manage, and execute transformation required for Public Cloud
* Develop and implement secure CI/CD pipelines
* Proactively partner to update CI/CD pipelines based on trends identified in the environment
* Develop and implement cloud-based procedures, security baselines, continuous monitoring, and compliance checks  
* Develop and implement opportunities to virtualize, automate, and develop infrastructure as code
* Leverage agility and scalability of DevSecOps and automated governance utilizing secure infrastructure as code
* Harden infrastructure, platforms, workloads, and services
* Review/update security policies, standards, requirements, and solutions covering different cloud deployment and service models
* Proactively prioritize, analyze and address complex problems and incidents to ensure the highest level of environment stability and availability
* Develop, document and implement a greenfield framework for cloud optimization leveraging industry best practices (including but not limited to CSA, CIS, NIST, FedRAMP, OWASP, etc.) to ensure a secure, least privileged model
* Devise a strategy to develop and implement cloud infrastructure to enable public cloud environments and interconnect to on-prem legacy environments
* Devise a strategy to transition from traditional access management best practices to role based access management strategies aligned and scalable for the cloud
* Partner with stakeholders to assess public & on-prem cloud services implementation and automation opportunities
* Develop and maintain relationships with business and IT partners, engineering and implement automation solutions that balance business agility, operational maintainability, and risk reduction
* Work with leaders and team members at all levels and across functional lines
* Critical thinking skills to question status quo
* Utilize analytical skills and the ability to think outside the box
* Strong ability to learn and solution for new and emerging technologies, and adapting to change
**Open to all Wells Fargo Major Hub Locations including telecommute. **

Required Qualifications

  • 10+ years of information security applications and systems experience
  • 4 + years of cloud computing experience
  • 2+ years of cloud computing engineering experience in one or a combination of the following: Amazon Web Services (AWS), Google Cloud Compute (GCC) or Azure Cloud Security
  • 2+ years of DevOps experience

Desired Qualifications

  • Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices
  • Ability to manage highly complex issues and negotiate solutions
  • Excellent verbal and written communication skills
  • Ability to interact and communicate effectively with all levels of an organization; including at the executive level
  • Cloud security certification such as Certificate of Cloud Security Knowledge (CCSK), Certified Cloud Professional (CCP) or Cloud Computing Architect (CCA)
  • Certified Information Systems Security Professional (CISSP)
  • Cloud vendor certification such as VMware Certified Professional (VCP) or AWS Certified Solutions Architect
  • Experience with Ansible automation tool
  • 4+ years of experience with scripting languages such as Bash, PowerShell, Python, Shell, VBScript, or JavaScript
  • Knowledge and understanding of system monitoring and automation
  • Experience with RESTful API calls
  • Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings) and Kanban
  • Knowledge and understanding of monitoring the development of security vulnerabilities, threats, exposures, associated risk, and mitigating solutions
  • Knowledge and understanding of network automation development through scripting
  • Knowledge and understanding of security technologies and concepts including: defense in principles, antivirus, firewall data and Intrusion Detection Systems (Host, network, Wireless)
  • IAM (Identity and Access Management) experience
  • Knowledge and understanding of security technologies and concepts including identity management, single sign on, directory services, role based access control, cryptographic algorithms, mutual authentication and certificate management
  • IDaas (IDentity as a Service) solutions experience
  • Knowledge and understanding of SAML (Security Assertion Markup Language)
  • Experience securing IaaS/PaaS private cloud or DevOps environments
  • 2+ years of experience with workload and service isolation in cloud and distributed platforms
  • Experience securing public SaaS cloud deployments
  • Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO)
  • Experience working with cloud security management or governance tools
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
  • Ability to influence management on technical or business solutions

Other Desired Qualifications
  • 3+ years of experience with secure DevOps and deployment automation to cloud environments

Job Expectations

  • Ability to work on call as assigned
  • Flexibility to frequently be on call beyond normal working hours
  • Ability to travel up to 10% of the time

Street Address

NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC
AZ-Chandler: 2600 S Price Rd - Chandler, AZ
NC-Charlotte: 301 S Tryon St - Charlotte, NC
NC-Charlotte: 401 S Tryon St - Charlotte, NC


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!