24 days old

Info Security Engineer 5

Flagstaff, AZ 86004
  • Job Code
Job Description

Lets talk about building a rewarding career

Youve got the passion. Youve got the skills. Now you just need the right opportunity. At Wells Fargo, youll have the chance to join a team of smart and talented people who share the same values. Our diverse lines of business offer a world of opportunity to expand your capabilities and advance your career. We invest in our people and provide a supportive environment in which to learn and grow.

Wells Fargo & Company (NYSE: WFC) is a nationwide, diversified financial services company with $1.7 trillion in assets. Founded in 1852, Wells Fargo provides banking, insurance, investments, mortgage, and consumer and commercial finance through more than 9,000 locations, more than 12,500 ATMs, online (wellsfargo.com), and mobile devices. Wells Fargo has more than 265,000 team members in 36 countries across our approximately 90 businesses.


Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.

Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

Job Description

Enterprise Information Security Cryptographic Services is looking for an Information Security Engineer to join the Smartcard Access Management Trusted Access team. A successful candidate will provide technical research, recommendations, and implantation guidance, for moderately complex security projects related to access, integrity, confidentiality and business continuity. The candidate will be responsible for being apprised of current security technology, vulnerability awareness, and project related tasks.

  • Develops specifications for extremely complex computer network security/protection technologies for company information and network systems/applications.
    • Develop specifications for certificate templates for authentication, digital signing and encryption, as well as trust frameworks for internal and external issuers to be used with the MyID smart card management system and compatible with other Trusted Access solutions including TAG and pivCLASS.
  • Develops security solutions for the company's networks and virtual private networks, application systems, key public infrastructures, authentication and directory services to ensure the security of the network and confidential data.
    • Recommend solutions and specifications for PKI-based multi-factor authentication and digital signing credentials and secure messaging for corporate systems and applications running on Windows, Linux, Mac OS X, Apple iOS, AS400 and IBM z-series mainframe. Identify use cases for new PKI-based credential technologies to serve business needs and reduce risk across the enterprise.
  • Identifies emergent vulnerabilities, evaluates associated risks and threats, and designs network vulnerability scans to identify security vulnerabilities and provides remediation alternatives to the customer.
    • Provide recommendations for vulnerability mitigation proactively as well as reactively. Identify strategies and solutions within the Trusted Access areas of responsibility to address new or outstanding vulnerabilities.
  • Serves as technical lead responsible for specific areas of computer security incident response activities to include intrusion detection monitoring, scanning, cyber threat reporting, and development/implementation of vulnerability mitigation strategies.
    • Provide detailed risk analysis or guidance on risk analysis following major security events, to include impact analysis and action plans.
  • Leads security risk assessments to ensure compliance with corporate security policies and adherence to best practices.
    • Maintain security plan updates through annual reviews with ISC, out-of-band updates leading into changes or new implementations and create action plans for compliance with new policies and baselines as documented in Policyworks.
  • Leads the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems.
    • Evaluate COTS solutions that meet mission objectives of Trusted Access. Define requirements for vendor SOWs as well as enhancements or customizations.
  • Serves as a high level technical security resource on large-scale network and/or systems/applications issues.
    • Define credential issuance specifications that maintain assurance level required for given credential type, to include multifactor requirements, compliance with FIPS 140 levels, and identity proofing for high-assurance biometric systems.

Required Qualifications

  • 7+ years of information security applications and systems experience
  • 4+ years of experience engineering and analyzing Windows based operating systems
  • 3+ years of experience with one or more of the following authentication tools: Windows Credential Provider, SAML, JWT or Kerberos
  • 1+ year of public key infrastructure experience
  • 2+ years of large scale networked smart card technology systems experience

Desired Qualifications

  • Advanced Information Security technical skills and understanding of information security practices and policies
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • Advanced Microsoft Office (Word, Excel, and Outlook) skills

Other Desired Qualifications
  • Advanced experience with PKI and FIPS 140-compliant key stores (HSMs, TPMs, smart cards)


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.



  • Financial Services
  • Security / Protective Services
  • Engineering

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Info Security Engineer 5

Wells Fargo
Flagstaff, AZ 86004

Share this job

Info Security Engineer 5

Wells Fargo
Flagstaff, AZ

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast