12 days old
2018-08-032018-09-02

Info Security Engineer 5

San Francisco, CA
  • Job Code
    5410709-2
Job Description

At Wells Fargo, we want to satisfy our customers financial needs and help them succeed financially. Were looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where youll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Corporate Risk helps all Wells Fargo businesses identify and manage risk.We focus on three key risk areas: credit risk, operational risk and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company.

ENTERPRISE INFORMATION SECURITY:

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.

Enterprise Information Securitys (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargos infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer.

The Secure Software Group is a core part of the Enterprise Information Security organization and is dedicated to developing and embedding security practices into the Wells Fargo software development lifecycle. SSG represents a strong and focused commitment by Wells Fargo executives and management to meet the security needs of an ever changing software landscape and to ensure our customers information is secure.

KEY JOB RESPONSIBILITIES (ESSENTIAL POSITION FUNCTIONS):

This position has reporting responsibility to the Secure Software Group within the Wells Fargo Enterprise Information Security organization.

This individual will focus on work associated with the Enterprise Application Security Program and be responsible for ensuring the design, implementation, and ongoing governance of the Secure-Software Development Lifecycle (Secure-SDLC). The selected candidate must help to drive cultural and organizational change across development environments such that Secure-SDLC processes and secure coding methods will be thoroughly embedded within the Wells Fargo Software Development Lifecycle.

Additionally, this individual must be able to handle multiple ongoing projects as part of the Enterprise Application Security Program and therefore must possess a strong combination of analytical, assessment, assurance, organizational and relationship management skills, and must be capable of working successfully with a wide variety of stakeholders such as application owners, project managers, systems architects, application developers, quality assurance testers, and others in a highly distributed environment.

In addition, this individual will serve as a Secure-SDLC Subject Matter Expert (SME) responsible for the specific technological areas of application security listed in the Required Qualifications and Desired Skills sections below.

Required Qualifications

7+ years of information security applications and systems experience7+ years of information security experience2+ years of web applications experience1+ year of DAST (Dynamic Application Security Testing) experience2+ years of Configuration Management Tools experience3+ years of Python experience3+ years of Java experience

Desired Qualifications

Advanced Information Security technical skills and understanding of information security practices and policiesAbility to manage complex issues and develop solutionsExcellent verbal and written communication skillsSAST (Static Analysis Software Testing) experience4+ years of DAST (Dynamic Application Security Testing) experienceSecure SDLC (System Development Life Cycle) methodologies experienceKnowledge and understanding of monitoring the development of security vulnerabilities, threats, exposures, associated risk, and mitigating solutionsAbility to execute in a fast paced, high demand, environment while balancing multiple prioritiesCertified Information Systems Security Professional (CISSP)Certified Secure Software Lifecycle Professional (CSSLP)Fortify Code Analyzer experienceA BS/BA degree or higher

Other Desired Qualifications
  • Recent experience with CI/CD tool experience
  • Hands on experience configuring IDEs as a developer (Eclipse and/or Visual Studio or similar)
  • Hands on experience with all or some of the following practices; threat modeling, static analysis, bug bars, attack surface analysis, risk/privacy assessments, dynamic analysis, design requirements
  • Hands on experience with FOSS, and open source application development tools and repositories
  • Application security experience with banking/financial services applications
  • Experience with Microsofts Secure Development Lifecycle
  • Able to work independently without direct, continuous supervision
  • Disclaimer

    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

    Relevant military experience is considered for veterans and transitioning service men and women.
    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

    Categories

    Featured Jobs

    Career News

    Before you go...

    Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

    Share this job:

    Info Security Engineer 5

    Wells Fargo
    San Francisco, CA

    Join us to start saving your Favorite Jobs!

    Sign In Create Account
    Powered ByCareerCast