Lead Infrastructure Security Engineer Data at Rest Encryption

Wells Fargo•Columbus, OH

2d•$119,000 - $187,000•Hybrid

About The Position

Join an exciting, fast-paced organization working on cutting edge encryption, tokenization and key management technologies, leveraged to protect information companywide. Wells Fargo is seeking a Lead Information Security Engineer working with CipherTrust Transparent Data Encryption. This role requires strong Information Technology and Information Security foundational knowledge, as well as experience with and awareness of encryption and key management technologies and engineering practices. The role closely partners with stakeholders across Wells Fargo Technology Infrastructure, Cybersecurity and lines of business to drive information protection product delivery, support business priorities and oversees the allocation of people and financial resources to ensure commitments are met and align with strategic objectives. In this role, you will: Focus on delivering commitments aligned to enterprise strategic priorities Build support for strategies with business and technology leaders Guide development of actionable roadmaps and plans Identify opportunities and strategies for continuous improvement of product delivery practices Set risk management guidelines and partner with stakeholders to implement key risk initiatives Collaborate and influence all levels of professionals including more experienced managers Interface with external agencies, regulatory bodies, or industry forums Interpret and develop range of policies and procedures for functions with moderate to higher complexity and risk Lead efforts to facilitate / manage projects, products, strategic plans and execute other operational aspects on behalf of leader Lead efforts to define / manage required business plans (i.e. draft proposals & plans) and support related initiatives across products – including analyzing & identifying opportunities for efficiencies and innovation across internal processes and the tools to support. Support the product line general manager to solve problems, manage disputes and deal with any issues impacting the TI organization.

Requirements

5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Hands‑on experience designing, deploying, and operating Thales CipherTrust Transparent Encryption (CTE) for unstructured data at rest, including file, folder, and volume‑level encryption
Deep understanding of CTE agent architecture, GuardPoints, policies, and In‑Place / Live Data Transformation (IDT/LDT) concepts and trade‑offs
Proven experience administering CipherTrust Manager (formerly DSM/Vormetric) for: Centralized key lifecycle management, Policy enforcement and Audit and access logging
Strong engineering experience with Linux (RHEL, SLES), Windows, and AIX in enterprise environments
Practical knowledge of supported file systems (e.g., ext3/ext4, NTFS, NFS, raw disk encryption scenarios) and their interaction with CTE agents
Ability to assess kernel compatibility, AES‑NI requirements, and host readiness prior to encryption enablement
Strong understanding of data‑at‑rest encryption principles, including: Threat models beyond disk theft (privileged user access, data exfiltration), Why file/folder‑level encryption is required in addition to disk encryption, Knowledge of AES‑256 encryption, hardware acceleration (AES‑NI), and performance considerations in high‑IO workloads and Experience operating encryption solutions in regulated environments
Experience deploying and managing CTE agents using automation frameworks (e.g., Ansible) rather than manual installs
Ability to design repeatable, scalable onboarding patterns for thousands of hosts and large NAS environments
Familiarity with change management constraints (reboots, maintenance windows, encryption sequencing) in production systems

Nice To Haves

5+ years of advanced information security architecture, design, or consulting experience
Strong knowledge of hardware security modules (HSMs) and/or security appliances
Strong knowledge of certificate ciphers and encryption algorithms.
Strong knowledge, understanding and prior experiences with regulatory drivers impacting a complex and dynamic global technology environment.
MS or MBA degree in Business, Finance, Computer Science, Engineering, or related fields
CISSP or CISM or CISA certifications
Microsoft Azure and/or Google Cloud certifications
Practical experience building security solutions through abstraction layer and automation practices.
Policy development experience
Experience with the development and execution of strategy in a large enterprise
Experience creating visually dynamic presentations

Responsibilities

Focus on delivering commitments aligned to enterprise strategic priorities
Build support for strategies with business and technology leaders
Guide development of actionable roadmaps and plans
Identify opportunities and strategies for continuous improvement of product delivery practices
Set risk management guidelines and partner with stakeholders to implement key risk initiatives
Collaborate and influence all levels of professionals including more experienced managers
Interface with external agencies, regulatory bodies, or industry forums
Interpret and develop range of policies and procedures for functions with moderate to higher complexity and risk
Lead efforts to facilitate / manage projects, products, strategic plans and execute other operational aspects on behalf of leader
Lead efforts to define / manage required business plans (i.e. draft proposals & plans) and support related initiatives across products – including analyzing & identifying opportunities for efficiencies and innovation across internal processes and the tools to support.
Support the product line general manager to solve problems, manage disputes and deal with any issues impacting the TI organization.