At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.
Enterprise Information Security:
Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.
Enterprise Information Security's (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework, that addresses policy, process, operations, people, and technology, EIS protects Wells Fargo's infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws.
Enterprise Information Security within Wells Fargo is seeking an Info Security Engineer to support application security for all of Wells Fargo applications. In this role, you will work with software development partners to identify and mitigate the security vulnerabilities in the applications identified through Automated Dynamic Application Security Testing (ADAST). Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.
The Info Security Engineer will:
Conduct automated dynamic application security testing using automated testing tools
Review test results from tools
Ensure that automated tests are completed successfully
Identify and remove any false positives from automated testing tool reports
Triage & Disposition results and enforce a Bug Bar
Verify/validate defect fixes
Provide application security consulting SME Support to developers
Assist developers with understanding of security defects and risk
Assist in defining acceptable solution to fix defects
Communicate and document security risks, issues and controls for security planning purposes with line of business liaisons Help maintain Security Coding Standards and Bug Bar as required
Assist in the Development of standards as required
Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
Develop and review malicious use cases/threat models
Maintain a broad understanding of security technologies and products
Actively participate on improving the security culture and education throughout the organization
Advanced Information Security technical skills
Ability to manage complex issues and develop solutions
Excellent verbal and written communication skills
1+ year of DAST (Dynamic Application Security Testing) experience
Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Strong analytical skills with high attention to detail and accuracy
Knowledge and understanding of information security industry standards and government regulations
Ability to manage multiple and competing priorities
Ability to work with limited supervision
Ability to take on a high level of responsibility, initiative, and accountability
Good attention to detail and accuracy skills
Strong collaboration and partnering skills
Other Desired Qualifications
Demonstrated experience with automated dynamic application security testing using automated testing tools
Demonstrated experience developing and reviewing malicious use cases/threat models
AZ-Chandler: 2600 S Price Rd
MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN
NC-Charlotte: 401 S Tryon St
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.