1+ months
2017-10-172017-12-21

Cyber Security Research Scientist 2

Des Moines Township, MN
  • Job Code
    5363411-2
Job Description

Our Enterprise Information Security team is looking for a strong cyber security professional to join our Cyber Security Defense and Monitoring Team. The primary role will be testing cloud applications and infrastructure. This role will determine business risk using attacker techniques in order to reduce the overall risk for Wells Fargo. This role will determine likelihood, ease of exploit, data classification, impact and provide a severity/risk rating. This role must be able to utilize complex hacking tools and create proof of concept exploits. The ideal candidate will provide adversarial simulations to identify gaps and educates defense teams (blue teams) on attacker techniques. This role will research, analyze, design, test, and implement complex technologies, systems, and applications. This position reports to the Cyber Threat Management - Vulnerability Assessment Team and works closely with teams in other internal information security programs.

Responsibilities:

  • Validation Testing
  • Conduct innovative research in cyber security
  • Conduct various security assessments in the areas of: networking, device, mobile, wireless, hardware, and web-based application penetration tests
  • Conduct logical security audits and hands-on technical security evaluations and implementations
  • Conduct physical security assessments
  • Develop custom penetration testing tools
  • Develop in-depth findings report
  • Communicate findings to lines of business based on inherit risks


Required Qualifications

  • 3+ years of information security experience in converged testing (red teaming)
  • 1+ year of experience in network, social, and physical domains
  • 3+ years of experience in one or a combination of the following: creating proof of concepts, creating exploits, or reverse engineering
  • 3 + years of executing ethical penetration testing including exploitation and post-exploitation experience



Desired Qualifications

  • Advanced Information Security technical skills
  • Proficient in working with systems, networks, and application vulnerability testing
  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
  • Security engineering experience that includes knowledge and understanding of recent research and industrial advances in one or more of the following areas: computer and communication networks, cyber security threat detection, cyber security experimentation and testing, innovative research in cyber security, physical security controls and their weaknesses, debugging, hardware and device hacking, or electronics security
  • Assessment experience in three or more of the following: mobile, web application, mainframe, wireless or network penetration testing
  • Knowledge and understanding of Python, Ruby, PowerShell, and Shell scripting
  • Physical hardware hacking experience
  • Physical security assessments experience
  • Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
  • Ability to work effectively, as well as independently, in a team environment
  • Strong organizational, multi-tasking, and prioritizing skills
  • Ability to handle confidential material in a professional manner
  • Excellent verbal, written, and interpersonal communication skills
  • Knowledge and understanding of banking or financial services industry
  • Experience working in a large enterprise environment
  • Strong analytical skills with high attention to detail and accuracy
  • Knowledge and understanding of system/application architecture and design concepts
  • Ability to present complex material in a digestible, consumable manner to all levels of management



Other Desired Qualifications
  • Cloud Penetration Testing
  • Exceptional report writing skills using a penetration tester framework/methodology.
  • Reverse engineering and reusing exploits
  • Highly experienced with operating system and application hardening best practices
  • Strong ability to find and dissect vulnerabilities without using standard tools
  • Demonstrates issue resolution and negotiation skills;
  • Strong ability to create proof of concepts from discovered potential vulnerabilities
  • Comprehensive understanding of recent research and industry advances in the following areas: Computer and communication networks, Cyber security threat detection, Cyber security experimentation/testing, and Assembly.
  • Perform debugging, performance evaluation, and paper/document writing.
  • Significant experience identifying security vulnerabilities for the company's networks, application systems, hardware infrastructure and emerging technologies to improve the enterprise information security posture.
  • Leads with red team activities and supports computer security incident response activities and the technical investigations of information security related incidents.
  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE)




Disclaimer


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.



Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Advertisement

Categories

  • Engineering
  • Financial Services
  • Information Technology
  • Legal

Featured Jobs

Career News

Share this job:

Cyber Security Research Scientist 2

Wells Fargo
Des Moines Township, MN

Share this job

Cyber Security Research Scientist 2

Wells Fargo
Des Moines Township, MN
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast