Department Overview Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, Information and Cyber Security (ICS) team protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws. Our vision is to provide Wells Fargo with world-leading cyber security risk management. The Cyber Threat Management (CTM) team under Cyber Security Defense and Monitoring (CSD&M) unit, with-in ICS, is responsible for monitoring the cyber threat landscape, developing innovative security solutions, and performing proactive security. About this role: Our Information and Cyber Security team is looking for an Lead Information Security Engineer to join our Cyber Threat Engineering and Research team. In this role Information Security Engineer participates in the research, analysis, design, testing implementation, engineering and operations support for Wells Fargo’s information security systems, incident response, and patch & vulnerability reporting tools. Analyzes business requirements, designs and writes technical specifications to create original, and update existing, security control content. Provides engineering operations support and quality assurance by: creating test plans, participating in overall systems testing, systems evaluations, and debugging of solutions, including updating and testing of the business continuation plan. Develops documentation, procedures, troubleshooting and user guides. Responsible for following work flow processes, change control, reporting, and peer reviews. Assists senior level engineers providing application support and troubleshooting to resolve production issues or system problems. Assists in computer security incident response activities and the technical investigations of security-related incidents. In this role, you will:
Evaluate and test functionalities of existing and new cyber security tools.
Assist with generating and delivering content and configurations for security tools that will:
Retrieve system information from all endpoints (Windows or Linux/Unix information related to files, running/installed applications, processes, network connections, etc.
Detect and alert on process and/or network behaviors, configuration or file changes, and compliance checks, which should be forwarded for security event creation or further analysis by security operations teams.
Create diagrams, Data Processing Flows, languages and standards
Produce Functional System Design Documents
Document solutions by writing installation, user, & troubleshooting guides
Following DevOps development lifecycle using Agile framework
Maintain IELC (Infrastructure Engineering Lifecycle) practice which “operationalizes” the technologies and services for use within our environment, resulting in defined infrastructure Product/Service offerings.
Collaborate effectively with both technical and non-technical stakeholders
Conduct cross trainings to the team
Predict Advise and Assist with infrastructure Roadmap planning and execution
Required Qualifications:
10 years of demonstrated information security engineering/ consulting experience with Endpoint security and analysis, enrichment, reporting, associated tools and technologies
Experience with scripting to automate tasks on Endpoint Detection and Response (EDR) tools.
Experience utilizing centralized log and event aggregation through Splunk, ELK, or similar SIEM tool. Knowledge of Splunk if SIEM work experience is on a tool other than Splunk.
Experience connecting security log sources, authoring alerts, and creating reports and dashboards to monitor for notable security events’ technologies.
Experience analyzing large data sets
Working experience on project over documented Change Management process.
Experience using team collaboration tool or portal, such as Confluence
Knowledge and understanding of business requirements gathering and translation to technical requirements
Knowledge and understanding of technical documentation: impact analysis, detailed designs and unit test plans
Desired Qualifications management tool
Experience with network security, endpoint security, or security threat vectors
Experience with at least one scripting language (preferably Python/ JavaScript and its frameworks) working on automation and engineering projectsMust have a good understanding of the financial services industry, security, risk and privacy
Must have knowledge of security technologies and products
Should possess understanding of security and threat landscape relevant to cloud technologies
Should possess capabilities & support decision-making efforts and strategic tasks
Assist teams to meet deadlines and drive new initiatives
Desired Qualifications: • Excellent verbal, written, and interpersonal communication skills • Experience working in a large enterprise environment • Strong analytical skills with high attention to detail and accuracy • Ability to work effectively, as well as independently, in a team environment • Strong organizational, multi-tasking, and prioritizing skills • Ability to meet time sensitive deadlines required • Ability to work collaboratively and build consensus is essential • Ability to make sound decisions and exercise good judgment • Ability to work and achieve goals without constant supervision • Ability to handle confidential material in a professional manner We Value Diversity: At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.
@RWF22
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Company: WELLS FARGO BANK
Req Number: R-230754-1
Updated: 2023-02-05 03:23:16.176 UTC
Location: HYDERABAD,India