Wells Fargo - Charlotte, NC

posted 2 months ago

Full-time
Charlotte, NC
Credit Intermediation and Related Activities

About the position

Wells Fargo is seeking a Lead Information Security Engineer for the Vulnerability Scanning team. The Lead engineer will be a motivated individual responsible for the implementation and configuration of vulnerability scanning tools to cover both Public and Private Cloud environments. This role involves providing operational support for a growing number of tools implemented for enterprise vulnerability scanning while collaborating with Line of Business partners. The Lead Information Security Engineer will support and provide direction for vulnerability scans of private and public cloud environments, ensuring that security measures are effectively integrated into the cloud infrastructure. In addition to vulnerability scanning, the engineer will conduct technical investigations of security-related incidents and perform post-incident digital forensics to identify causes and recommend future mitigation strategies. The role also includes providing security consulting on medium projects for internal clients to ensure conformity with corporate information security policies and standards. The engineer will be responsible for designing, documenting, testing, maintaining, and providing issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security. The Lead Information Security Engineer will review and correlate security logs, utilizing subject matter knowledge in industry-leading security solutions and best practices to implement components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity. Identifying security vulnerabilities and issues, performing risk assessments, and evaluating remediation alternatives will also be key responsibilities. Collaboration and consultation with peers, colleagues, and managers will be essential to resolve issues and achieve goals effectively.

Responsibilities

  • Support and provide direction for vulnerability scans of private and public cloud environments.
  • Conduct technical investigations of security-related incidents and perform post-incident digital forensics.
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information security policies and standards.
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions.
  • Review and correlate security logs.
  • Utilize subject matter knowledge in industry-leading security solutions and best practices to implement components of information security.
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives.
  • Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals.

Requirements

  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through work experience, training, military experience, or education.
  • 2+ years of Java or Python experience.
  • 2+ years of configuration experience with Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform, or MS Azure.
  • 2+ years of experience with SAS or SQL, or other data management, reporting, and query tools.

Nice-to-haves

  • Experience with Agile methodology of project delivery.
  • Demonstrated experience with enterprise vulnerability assessment solutions (such as Qualys, Guardium, Nmap, Tenable, etc.).
  • Knowledge and understanding of Common Vulnerability Exposures (CVE) and Common Vulnerability Scoring System (CVSS).
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service