1+ months
2018-03-172018-05-25

Info Security Engineer 3 Automated Dynamic Application Security Tester

Charlotte, TX
  • Job Code
    5395234-5
Job Description

At Wells Fargo, we have one goal: to satisfy our customers financial needs and help them achieve their dreams. Were looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where youll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you

Corporate Risk helps all Wells Fargo businesses identify and manage risk. We focus on three key risk areas: credit risk, operational risk and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.

Enterprise Information Security within Wells Fargo is seeking an Info Security Engineer to support application security for all of Wells Fargo applications. In this role, you will work with software development partners to identify and mitigate the security vulnerabilities in the applications identified through Automated Dynamic Application Security Testing (ADAST). Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.

The Info Security Engineer will:

Conduct automated dynamic application security testing using automated testing tools

  • Review test results from tools
  • Ensure that automated tests are completed successfully
  • Identify and remove any false positives from automated testing tool reports
  • Triage & Disposition results and enforce a Bug Bar
  • Verify/validate defect fixes
  • Provide application security consulting SME Support to developers
  • Assist developers with understanding of security defects and risk
  • Assist in defining acceptable solution to fix defects
  • Communicate and document security risks, issues and controls for security planning purposes with line of business liaisons Help maintain Security Coding Standards and Bug Bar as required
  • Assist in the Development of standards as required
  • Provide training
  • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
  • Develop and review malicious use cases/threat models
  • Maintain a broad understanding of security technologies and products
  • Actively participate on improving the security culture and education throughout the organization
  • Required Qualifications

    1+ years of experience managing application security vulnerabilities as a developer, a system administrator, or an application systems engineer or 1+ years of experience in a role coordinating the test results of vulnerabilities3+ years of information security applications and systems experience

    Desired Qualifications

    Experience working in a large enterprise environmentAbility to manage multiple and competing prioritiesAbility to take on a high level of responsibility, initiative, and accountabilityAbility to work with limited supervisionGood attention to detail and accuracy skillsKnowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysisKnowledge and understanding of banking or financial services industryKnowledge and understanding of information security industry standards and government regulationsStrong analytical skills with high attention to detail and accuracyStrong collaboration and partnering skills1+ year of DAST (Dynamic Application Security Testing) experienceAbility to manage complex issues and develop solutionsAdvanced Information Security technical skillsExcellent verbal and written communication skills

    Other Desired Qualifications
  • Demonstrated experience with automated dynamic application security testing using automated testing tools
  • Demonstrated experience developing and reviewing malicious use cases/threat models
  • Disclaimer

    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

    Relevant military experience is considered for veterans and transitioning service men and women.
    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

    Categories

    Featured Jobs

    Career News

    Before you go...

    Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

    Share this job:

    Info Security Engineer 3 Automated Dynamic Application Security Tester

    Wells Fargo
    Charlotte, TX

    Share this job

    Info Security Engineer 3 Automated Dynamic Application Security Tester

    Wells Fargo
    Charlotte, TX
    US

    Separate email addresses with commas

    Enter valid email address for sender.

    Join us to start saving your Favorite Jobs!

    Sign In Create Account
    Powered ByCareerCast