About The Position

Wells Fargo is seeking a Lead Information Security Engineer in Technology as part of Cybersecurity. The ideal candidate will have a well-rounded background in incident response, threat detection, phishing, and cybercrime, with experience in conducting research to identify emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs) focused on phishing and/or cybercrime. Experience with data analytic techniques, including machine learning, statistics, and data mining, is desired to solve core business challenges. A solid understanding of endpoint/network defenses and security incident response is also required. This role involves regular collaboration with teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, Cyber Threat Forensics, and Offensive Security. Strong verbal and written communication skills are essential for accurate reporting during and after security incidents. The candidate will also be crucial in phishing disruption efforts, including developing new logic and procedures to identify phishing attacks affecting Wells Fargo customers and employees.

Requirements

  • 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 3+ years of experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
  • 3+ years of information technology applications and systems experience
  • 3+ years of technical documentation and publication experience

Nice To Haves

  • Experience resolving and working through escalated and complex issues
  • Experience overseeing development of counter-measure strategies and tactics to offset emerging and evolving external threats from malware/viruses, phishing, pharming and other social engineering schemes
  • Ability to execute in a fast-paced, high-demand environment while balancing multiple priorities
  • 3+ years of malware reverse engineering experience
  • Experience working in a large enterprise environment
  • Knowledge and understanding of financial crimes investigation
  • Knowledge and understanding of banking or financial services industry
  • 3+ years of experience managing cybercrime detection, investigation, and intelligence strategies
  • Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
  • Experience with host and/or network log analysis as applied to incident response / threat hunting
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
  • Strong ability to identify anomalous behavior on endpoint devices and/or network communications
  • Strong experience in operating system and application security hardening and best practices
  • Strong investigative mindset with an attention to detail
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Advanced problem-solving skills, with the ability to develop effective long-term solutions to complex problems
  • Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications

Responsibilities

  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security-related incidents and post-incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Lead a team to achieve objectives

Benefits

  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc