Cyber Security Research Engineer- Validation Red Team

Wells Fargo & Company•San Antonio, TX

6d•$87,000 - $140,000•Hybrid

About The Position

Wells Fargo is looking for a strong cyber security professional to perform validation work to ensure that findings identified by the Offensive Security Research Team have been remediated. This role will involve the analysis and re-execution of previous red team findings to verify that these techniques and tactics either no longer work or have adequate detective controls that will alert when they are detected. Team member will be responsible for executing attack chains, writing reports, and communicating those results to business and system owners. They must be able to consult with representatives from other parts of the bank to explain the details behind the work they do and could be called upon to assist with the creation of defensive tactics to detect or prevent the activity in question. This team member must be able to utilize complex hacking tools and will research and analyze offensive technologies, systems, and applications to re-create prior testing conditions in a production environment. This position reports to the Cyber Threat Management – Offensive Security Research Team and will partner with other internal teams to participate in threat emulation activities.

Requirements

2+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
2+ years of information security experience in converged testing (red teaming)

Nice To Haves

2+ years of experience with Linux OS environment
2+ years of experience with Burpsuite Pro
2+ years of experience working with VMWare Workstation
2+ years of cloud computing experience in one or a combination of the following: Amazon Web Services (AWS), Google Cloud Compute (GCC) or Azure Cloud Security
Knowledge of Python, Ruby, PowerShell, and Shell Scripting
Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
Ability to handle confidential material in a professional manner
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Knowledge and understanding of system/application architecture and design concepts
Ability to present complex material in a digestible, consumable manner to all levels of management
Experience performing offensive security assessments against cloud environments
Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE)

Responsibilities

Conduct innovative research in cyber security
Participate in active offensive security operations
Perform vital work to validate that findings have been remediated
Develop and present in-depth reports that provide a narrative of your activity
Communicate results to lines of business based on inherit risks
Work with the leadership team to identify opportunities and process improvements
Participate in purple teaming
Demonstrate proficiency in using AI‑assisted development and analysis tools (e.g., GitHub Copilot and approved code‑centric agents)
Leverage AI to accelerate system design, coding, testing, analysis, and troubleshooting
Apply strong technical judgment when validating and integrating AI‑assisted outputs into solutions
Understand and account for model limitations, security risks, and operational considerations
Apply AI responsibly in development and production environments
Ensure AI usage aligns with security, compliance, privacy, and ethical standards