Cloud Senior Information Security Engineer

About the position

Wells Fargo is seeking a Cloud Senior Information Security Engineer for the Vulnerability Scanning team. The Lead engineer will be a motivated individual who is responsible for implementation and configuration of vulnerability scanning tools to cover Public/Private Cloud. Individual will provide operational support for growing a number of tools implemented for enterprise vulnerability scanning working with Line of Business partners.

Responsibilities

• Support and provide direction for vulnerability scan of private / public cloud environments
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

Requirements

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 2+ years of configuration experience with Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) or MS Azure
• 2+ years of experience with SAS or SQL, or other data management, reporting and query tools

Nice-to-haves

• 2+ years of Java or Python experience
• Experience with Agile methodology of project delivery
• Demonstrated experience with enterprise vulnerability assessment solutions (such as Qualys, Guardium, Nmap, Tenable etc.)
• Knowledge and understanding of Common Vulnerability Exposures (CVE) and Common Vulnerability Scoring System (CVSS)