Wells Fargo
posted 2 months ago
Wells Fargo is seeking a motivated Lead Information Security Engineer to join an exciting, fast-paced team working on cutting-edge encryption, tokenization, and key management technologies that are leveraged to protect information companywide. This role will provide technical leadership and be an individual contributor to teams that design, deploy, and operationally maintain cryptographic products and services including Hardware Security Modules (HSMs) and security appliances. The ideal candidate will have demonstrated experience in the design and deployment of cryptographic products in physical, virtual, and containerized environments. Additionally, the candidate should have experience in automating processes including product builds, operational maintenance, and customer integration and onboarding. This role reports directly to the Senior Manager for the Encryption, Tokenization, and Key Management team. In this role, you will drive design, deployment, and automation strategies for encryption, tokenization, and key management products and services including Hardware Security Modules, security appliances, and security applications deploying in physical, virtual, and containerized environments. You will provide technical guidance and oversight to teams and team members responsible for product delivery and operational maintenance. Developing and maintaining documentation including design and build guides, deployment strategies, automation guides, and operational processes will be a key responsibility. You will also participate in research, analysis, and evaluation of new cryptographic products and services, as well as participate in Proof of Concept (POC) testing and demonstrations for new cryptographic products and services. Supporting company-driven audits, gathering evidence of compliance to company policies, and driving product enhancements when needed to remediate findings will be part of your duties. You will conduct technical investigations of incidents to identify causes and recommend future mitigation strategies. Collaboration across Wells Fargo teams, including compliance, security architecture, and security evaluation teams, will ensure that cryptographic products are compliant with company policies. You will work with vendors to understand the technology vendor's roadmap, help to influence that roadmap, and ensure requests for technology/product enhancements meet the needs of Wells Fargo. Additionally, you will work with partner engineering teams on the identification and remediation of security vulnerabilities and may conduct risk assessments of infrastructure to ensure compliance with corporate security policies and adherence to best practices. Supporting incident response, root cause analysis, and corrective action activities will also be part of your responsibilities. You will oversee a team of engineers and influence design/architecture decisions regarding encryption infrastructure to support our line of business customers, ensuring design decisions consider blast radius and business resiliency requirements to reduce or eliminate impact during service changes or DDoS type events, among others.