Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application.
At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo’s more than 70 million global customers.
Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle.
Information and Cyber Security’s (ICS) vision is to provide Wells Fargo with world-leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, IS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. IS is part of Wells Fargo's Technology organization and is led by the Chief Information Security Officer.
Our ICS team is looking for a strong cyber security professional to join our Threat Disruptions team. The ideal candidate will have a well-rounded background in incident response, threat detection, phishing, and cybercrime. The ideal candidate will have experience in conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs) with an emphasis on phishing and/or cybercrime. The candidate should have some experience with data analytic techniques, including machine learning, statistics and data mining to solve core business challenges. Additionally, the candidate should have a solid understanding of endpoint/network defenses and security incident response. Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and at the conclusion of a security incident. The candidate will also play a major role in our phishing disruption efforts, including creation of new logic and procedures to identify phishing attacks impacting Wells Fargo customers and employees. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security teams will be critical to success.
7+ years of information security applications and systems experience
2+ years of email security experience with industry standard tools
3+ years of Incident Response Protocols and Tools experience
Advanced Information Security technical skills and understanding of information security practices and policies
Ability to manage complex issues and develop solutions
Excellent verbal and written communication skills
1+ year of Cyber Resilience experience
3+ years of financial crimes experience
Experience overseeing development of counter-measure strategies and tactics to offset emerging and evolving external threats from malware/viruses, phishing, pharming and other social engineering schemes
Ability to execute in a fast-paced, high-demand environment while balancing multiple priorities
Experience working in a large enterprise environment
Knowledge and understanding of financial crimes investigation
Knowledge and understanding of banking or financial services industry
Other Desired Qualifications
5+ years of experience with network security, endpoint security, or security threat vectors
5+ years of cyber security incidents and events investigation experience
4+ years of experience with one or a combination of the following email security tools: Proofpoint, SendMail, Cisco IronPort, Symantec Email Security (Cloud and Messaging Gateway), Mimecast, Barracuda Networks, Fortinet (Fortimail) or FireEye
3+ years of experience managing cybercrime detection, investigation, and intelligence strategies
Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
Experience with host and/or network log analysis as applied to incident response / threat hunting
Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
Strong ability to identify anomalous behavior on endpoint devices and/or network communications
Strong experience in operating system and application security hardening and best practices
Strong investigative mindset with an attention to detail
Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
Flexibility to address incidents as needed 24 hours a day
Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
Ability to travel up to 10% of the time