Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as 'Personal Cell' or 'Cellular' in the contact information of your application.
At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers.
Enterprise Information Security within Wells Fargo is seeking an Info Security Engineer to support application security for Wells Fargo. In this role, the initial function will be to perform Dynamic Application Security Testing (DAST) retests to determine if remediation of previously identified vulnerabilities in applications was successful. Later, you will work with software development partners to identify and mitigate the security vulnerabilities in applications through Dynamic Application Security Testing (DAST) of applications. Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.
The Info Security Engineer will:
Conduct dynamic application security testing using both manual and automated testing tools.
Review test results from tools
Ensure that automated tests are completed successfully
Configure tools as required to be successful in evaluating applications
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes
Help maintain Security Coding Standards and Bug Bar as required
Assist in the Development of standards as required
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Actively participate on improving the security culture and education throughout the organization
5+ years of information security applications and systems experience
3+ years of DAST (Dynamic Application Security Testing) experience
3+ years of web application penetration testing experience
3+ years of automated information security penetration tools experience
3+ years of manual information security penetration testing tools, topics, and techniques experience
1+ years of experience with vulnerability management data and processes
Advanced Information Security technical skills
Ability to manage complex issues and develop solutions
Excellent verbal and written communication skills
Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Strong analytical skills with high attention to detail and accuracy
Knowledge and understanding of information security industry standards and government regulations
Ability to manage multiple and competing priorities
Ability to work with limited supervision
Ability to take on a high level of responsibility, initiative, and accountability
Strong collaboration and partnering skills
Other Desired Qualifications
Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization
Demonstrated experience developing and reviewing malicious use cases/threat models
NC-Charlotte: 401 S Tryon St - Charlotte, NC AZ-Chandler: 2600 S Price Rd - Chandler, AZ NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN CA-SF-Financial District: 333 Market St - San Francisco, CA NY-New York: 150 E 42nd St - New York, NY
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Internal Number: 5544085-6
About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,400 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 260,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
www.wellsfargo.com | Twitter: @WellsFargo