Lead Information Security Engineer

Wells Fargo & CompanyColumbus, OH
Onsite
Match Resume

About The Position

In this role, you will: Provide technical and professional guidance to less experienced staff. Given the nature of the encryption technologies, the team environment is very fast paced and requires the ability to drive to solutions as an individual and to work effectively with the team as well. Be responsible for infrastructure design, engineering, automation, and day to day management of Crypto infrastructure. This infrastructure consists of Windows and Linux servers, software and hardware-based appliances, and Hardware Security Modules (HSMs) leveraged to provide Cryptographic capabilities companywide at Wells Fargo. Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as automation, availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity. Participate in the research, analysis, design, testing and implementation of complex information protection technologies, alongside other teams within our organization. Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies. Develop and implement synthetic transaction monitoring to simulate user interactions, ensuring continuous performance and availability of critical applications. Integrate self-healing technologies into the security architecture, automating responses to incidents and reducing manual intervention. Work with vendors to understand the technology vendor's roadmap, help to influence that roadmap, and ensure requests for technology/product enhancements are meeting the needs of Wells Fargo. Work with partner engineering teams on identification and remediation of security vulnerabilities and may also conduct risk assessments of Infrastructure to ensure compliance with corporate security policies and adherence to best practices. Provide periodic 24/7 on-call support rotation and some work will be required to be done during off hours. Need to be capable of creating technical/engineering documentation and have excellent written and oral communication. Lead incident response activities for highly complex events

Requirements

  • 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
  • 5+ years of intermediate to advanced level experience with scripting/automation using tools such as: Bash, PowerShell, Python, Ansible, VBScript, or JavaScript, UI path, etc.
  • 5+ years of Unix/Linux Systems Administration experience with in-depth knowledge of troubleshooting, OS hardening and OS tuning.
  • 5+ years of experience with encryption or tokenization technologies.
  • 3+ years of experience performing builds, administration and/or support of hardware security modules or security appliance devices.
  • Advanced Knowledge of Cryptographic protocols & algorithms.
  • Understanding of (format preserving encryption) FPE, tokenization and TDE (transparent data encryption) etc.
  • Knowledge and understanding of implementing infrastructure upgrades, security patches, version upgrades for systems, appliances and HSM’s
  • Experience with Agile Scrum or Kanban methodologies.
  • Proven experience with change and incident management practices in medium to large enterprise environments.
  • Ability to work on call /off-hours as assigned per the Team on-call rotation.
  • Ability to travel up to 5% of the time.
  • This position is not eligible for Visa Sponsorship.
  • No C2C
  • Onsite work required 3x weekly

Nice To Haves

  • Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment.
  • Experience with application support in Linux and Windows server environments.
  • Experience performing technical product assessments, including development of implementation plans, in a large enterprise.
  • Experience mentoring/guiding less experienced staff.
  • Strong analytical skills with high attention to detail and accuracy.
  • Advanced critical thinking, problem solving and technical troubleshooting abilities.
  • Ability to identify and assess issues then make sound decisions.
  • Security certifications such as CISSP, GIAC or equivalent.
  • Cloud certifications such as AZ-900, MS-900 or equivalent/higher.
  • Strong verbal, written, and interpersonal communication skills.
  • Advanced scripting skills specifically around log rotation, data collection, error collection and alerting.
  • Knowledge and understanding of implementing infrastructure upgrades, security patches, or version upgrades.
  • Experience with Thales CipherTrust Key Manager and CipherTrust Transparent Encryption (CTE).
  • Experience designing, developing and implementing synthetic transactions for the monitoring of applications and/or infrastructure.
  • Experience with Puppet/Chef/Ansible or similar automation tools.
  • Public cloud engineering or support experience.
  • Knowledge and understanding of Splunk.
  • Knowledge and understanding of Cryptographic Technologies and Key Management.
  • Knowledge and understanding of banking or the financial services industry.
  • Ability to coordinate completion of multiple tasks and meet aggressive time frames.
  • Application development experience.

Responsibilities

  • Provide technical and professional guidance to less experienced staff.
  • Be responsible for infrastructure design, engineering, automation, and day to day management of Crypto infrastructure.
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security.
  • Participate in the research, analysis, design, testing and implementation of complex information protection technologies.
  • Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies.
  • Develop and implement synthetic transaction monitoring to simulate user interactions, ensuring continuous performance and availability of critical applications.
  • Integrate self-healing technologies into the security architecture, automating responses to incidents and reducing manual intervention.
  • Work with vendors to understand the technology vendor's roadmap, help to influence that roadmap, and ensure requests for technology/product enhancements are meeting the needs of Wells Fargo.
  • Work with partner engineering teams on identification and remediation of security vulnerabilities and may also conduct risk assessments of Infrastructure to ensure compliance with corporate security policies and adherence to best practices.
  • Provide periodic 24/7 on-call support rotation and some work will be required to be done during off hours.
  • Lead incident response activities for highly complex events

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees

Job Search Resources

Similar Lead Information Security Engineer job opportunities

Lead Information Security Engineer
Mastercard
Mastercard • O'fallon, MO8d
LEAD INFORMATION SECURITY ENGINEER
Lumen Technologies
Lumen Technologies6d • Onsite
Information Security Engineer
Bitwerx, Inc.
Bitwerx, Inc. • Lexington, KY7d • $120,000 - $120,000 • Hybrid
Information Security Engineer
Westfield
Westfield • Westfield Center, OH8d • Hybrid
Information Security Engineer
Bitwerx, Inc.
Bitwerx, Inc. • Lexington, KY6d • Hybrid
Information Security Engineer
UnitedHealth Group
UnitedHealth Group • Eden Prairie, MN1d • Remote
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service