11 days old
2018-04-102018-05-10

Application Security Info Security Engineer 6

Minneapolis, MN
  • Job Code
    5400009-1
Job Description

At Wells Fargo, we have one goal: to satisfy our customers financial needs and help them achieve their dreams. Were looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where youll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Corporate Risk helps all Wells Fargo businesses identify and manage risk.We focus on three key risk areas: credit risk, operational risk and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.

Youve got the passion. Youve got the skills. Are you looking for the next opportunity to learn and grow? At Wells Fargo, we offer a supportive environment where team members can cultivate their careers and make a difference within our company and the communities we serve.

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle. Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

This position is on the Enterprise Application Security Program (EASP) group within the Wells Fargo Enterprise Information Security organization. This is an exciting opportunity to join a team committed to enabling the secure development of software across the enterprise. The Enterprise Application Security Program (EASP) integrates security through all phases of the Systems Development Life Cycle (SDLC) and has been shifting security left by providing the processes, tools, and governance to enable development teams to build secure software.

This role will be a technical lead position for the EASP program with an emphasis on automating security capabilities for integration/consumption within Continuous Integration/Continuous Deployment (CI/CD) and/or SecDevOps ecosystems. This position will design, develop, and implement complex and highly-technical security solutions that provide software security capabilities (e.g. Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), integrated security testing, software composition analysis) as consumable services. This position will identify emergent software security vulnerabilities and threats, and design enterprise solutions to identify and remediate those vulnerabilities within the SDLC prior to production release. This individual will define strategies for capability automation and delivery to disparate systems across the enterprise. This role will develop policy and process, write documentation, and collaborate with build and release teams to integrate tools. This individual will provide mentoring to lesser experienced staff and collaborate with an offshore development team.

Required Qualifications

10+ years of information security applications and systems experience5+ years application security vulnerability detection and mitigation experience with Open Web Application Security Project (OWASP) Top 10 and SANS Common Weakness Enumeration Top 255 + years of .Net and Java application development experience or a combination of both5+ years of experience in application automation and integration

Desired Qualifications

Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practicesAbility to manage highly complex issues and negotiate solutionsExcellent verbal and written communication skillsAbility to interact and communicate effectively with all levels of an organization; including at the executive levelExperience defining and/or developing business initiatives that require integration of multiple technology systemsExperience leading projects that require integration of multiple technology systems to deliver new online functionality and user experienceKnowledge and understanding of threat analysis and assessment of potential and current information security risk/threatsA BS/BA degree or higher in science or technology

Other Desired Qualifications

Hands-on experience developing client services and defining APIs for server Web services
Hands-on experience developing services and/or Micro-services solutions

Disclaimer

All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Categories

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Info Security Engineer 6

Wells Fargo
Minneapolis, MN

Share this job

Application Security Info Security Engineer 6

Wells Fargo
Minneapolis, MN
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast