1+ months

Cyber Security Research Strategist - Monitoring

Flagstaff, AZ 86004
  • Job Code
Job Description

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.

Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

Job Description:

Note: This position can sit in any core Wells Fargo location or telecommute.

Our Enterprise Information Security team is looking for a strong cyber security professional to join our Cyber Security Defense and Monitoring team. This role will be responsible for setting the strategy and direction for advanced cyber security threat monitoring and alerting as well as cyber security incident response orchestration for the company. This position will interact directly with Threat Detection Services, Security Content Development, and the Cyber Threat Fusion Center. The ideal candidate will have extensive experience in leading engineering design and development to create innovative technical capabilities. This role will develop and refine strategic plans and technology roadmaps. The candidate should have experience in building prototypes and proof of concepts, pilot systems, and optimize databases in support of operational, business, and strategic requirements. The candidate will have experience in assisting senior leadership with decisions related to business process, security controls, policies and standards, regulations and investment prioritization with a focus on threat monitoring and alerting tools and applications. The ideal candidate will have extensive experience in conducting research and identifying technologies to address capability gaps for emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs). The candidate should have experience with data analytic techniques, including machine learning, statistics and data mining to solve core business challenges. The position will require regular interface with external entities including threat monitoring and alerting product vendors, financial industry contacts, and government agencies. Interaction with internal partners including legal, fraud, financial crimes, technology and line of business leaders and executives will be required.

This position will be responsible for:

  • Establishing a baselines for specific threat types that qualify as candidates for security orchestration
  • Reviewing likely third party automation products and compare those to internal capabilities that can be built
  • Setting up testing scenarios and associated architecture for automated threat response activities.
  • Interfacing with technology stakeholders, conduct requirements gathering and build out proof of concept capability

Required Qualifications

  • 10+ years of Information Security experience, including infrastructure, application development security and architecture
  • 5+ years of information security risk assessment experience
  • 5+ years of experience working with multiple security domains (network, application security, threat intelligence and data analytics)
  • 8+ years of Information Security reporting and analysis experience
  • 3 + years of cyber security incidents and events investigation experience
  • 5+ years of Incident Response Protocols and Tools experience
  • 5+ years of experience one or a combination of the following: reporting, analytics, or modeling in an information security environment, information technology environment, or a combination of both
  • 3 + years of digital forensics, security analytics experience, or a combination of both, including incident response

Desired Qualifications

  • Thorough understanding of security principles and their application in an enterprise IT environment
  • Experience with global regulatory requirements that may impact security (EU Privacy)
  • Knowledge and understanding of one or more standard security related frameworks (NIST-Cyber, CoBIT, ISO)
  • Strong analytical, critical thinking and problem solving skills
  • Ability to effectively communicate to both technical and non-technical audiences
  • One or more security certifications (CISSP, GIAC, CISM, CEH)
  • Expertise in rapid development and deployment of new security solutions
  • Knowledge and understanding of malware reverse engineering including: code or behavior analysis for endpoints and the network
  • Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
  • Experience working in a large enterprise environment
  • Knowledge and understanding of banking or financial services industry

Other Desired Qualifications
  • Experience consulting senior leadership or large organizations on Monitoring processes and findings with a focus on maintaining business processes and security controls.
  • Experience with interacting and briefing executives
  • Strong experience with providing oversight to a team of individuals engaged in cyber security operations
  • Advanced Information Security Technical skills and demonstrated experience leading the remediation of highly complex security threats in areas like Phishing, Malware, vulnerability exploitation and others.
  • Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
  • Experience with host-based and/or network-based forensics tools and techniques
  • Experience with host and/or network log analysis as applied to incident response / threat hunting
  • Security Information and Event Management (SIEM/SIM/SEM) experience
  • Experience with network security, endpoint security, or security threat vectors
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
  • Strong ability to identify anomalous behavior on endpoint devices and/or network communications
  • Strong experience in operating system and application security hardening and best practices
  • Strong investigative mindset with an attention to detail
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
  • 5+ years of experience with full packet capture solutions.

Job Expectations

  • Ability to travel up to 10% of the time


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.



  • Information Technology
  • Financial Services
  • Security / Protective Services
  • Engineering
  • Government

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Security Research Strategist - Monitoring

Wells Fargo
Flagstaff, AZ 86004

Share this job

Cyber Security Research Strategist - Monitoring

Wells Fargo
Flagstaff, AZ

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast