Lead DLP Content Development Information Security Engineer

About The Position

Requirements

• 5+ years of Engineering experience, or equivalent demonstrated through work experience, training, military service, or education
• 3+ years of Information Security Metrics and Reporting background
• Scripting and query proficiency (Powershell, SQL, and/or Python) and experience working in Git‑based version control and CI/CD workflows
• Experience leading development of reporting and dashboards in Tableau and PowerBI

Nice To Haves

• 5+ years of experience in information protection, DLP engineering, or security content development
• Hands‑on experience authoring and managing policies on one or more enterprise DLP platforms, such as: Microsoft Purview, Broadcom (Symantec) DLP, Forcepoint, Proofpoint, Zscaler or equivalent technologies
• Familiarity with modern collaboration and productivity platforms, including: Microsoft 365 (Exchange, SharePoint, OneDrive, Teams) and/or Google Workspace
• Excellent written communication and documentation skills, with the ability to communicate effectively to both technical and non‑technical audiences
• Experience in Technical Storytelling: Ability to learn, understand, and present modules to users
• Experience in financial services or other highly regulated industries, with familiarity with: NIST 800‑53 / 800‑171, ISO/IEC 27001, Data privacy and protection requirements
• Knowledge of endpoint DLP, CASB/SSE, secure web gateways, email security, OCR, and document fingerprinting technologies
• Background in exception governance and release‑code processes, balancing risk exposure, business needs, and user experience
• Relevant certifications such as: SC‑400 or SC‑100, CISSP, CCSP, GIAC

Responsibilities

• Provide advanced information security reporting and metrics strategy and implementation platform
• Engage and influence stakeholders within ICS and partners on net new or on material changes to reporting
• Leverage existing platforms (data lake, splunk, etc.) to generate insights
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Support the development, maintenance, and optimization DLP rules and policies using techniques such as: Regular expressions, Keyword and dictionary‑based detection, Exact Data Match (EDM) / Indexed Data Match (IDM), Document fingerprinting, Machine‑learning classifiers, Classification labels and metadata
• Develop, maintain, and update reporting dashboards in Tableau and PowerBi.
• Assist and aid in other development efforts related to automation, AI prompts, and other non-DLP policy development efforts.
• Conduct technical investigations of security events and incidents, including post‑incident analysis and digital forensics, to identify root causes and recommend long‑term mitigation strategies.
• Continuously tune DLP policies to reduce false positives and negatives using telemetry, triage feedback, and controlled experimentation, measure and report precision, recall, and block efficacy.
• Manage DLP policy‑as‑code artifacts using version control, peer review, and change‑management processes, maintaining traceability from requirement to implementation.
• Develop and maintain: Operational runbooks, Exception and release‑code workflows, User‑facing guidance and FAQs, Release notes for policy updates and changes
• Define, track, and report key performance and risk indicators (KPIs/KRIs), including alert volumes, false-positive rates, channel coverage, and policy maturity.
• Support audits and regulatory exams by preparing evidence, maintaining documentation, and supporting quarterly and annual reviews.
• Align DLP rules and enforcement with Wells Fargo’s information classification and labeling program, ensuring consistent use of tags and labels in policy conditions.
• Collaborate cross‑functionally with Information Protection, Risk, Legal, Messaging & Collaboration, Endpoint, and Cloud teams to safely deploy and evolve controls.
• Mentor peers and contribute to standards, reusable patterns, and best practices for DLP engineering and security content development.

Benefits

• Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.