Information Security Engineer 5

Wells Fargo – Glen Allen, VA

OtherOverview:

Wells Fargo technology teams drive innovation to create a more powerful and fulfilling financial experience for our customers and team members. You will join more than 24,000 team members supporting 95 billion transactions annually in 10 countries. Our career opportunities span the technology spectrum: advanced analytics, big data, information security, application development, cloud enablement, project management and more.

SUCCESS PROFILE

Check out the top traits we re looking for and see if you have the right mix. Additional related traits listed below.

  • Analytical
  • Detail-oriented
  • Insightful
  • Inventive
  • Problem Solver
  • Curious
  • Benefits

    Wells Fargo wants to help you get more out of life and take care of things outside the office to make life a little easier. We provide:

  • Medical, Dental and Vision
  • Employer Matching 401(k)
  • Tuition Reimbursment
  • Maternity and Paternity Leave
  • Paid Time Off
  • ResponsibiltiesJob Description

    At Wells Fargo, we want to satisfy our customers financial needs and help them succeed financially. Were looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where youll feel valued and inspired to contribute your unique skills and experience.

    Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you

    Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.


    Note: This position may sit at any core Wells Fargo location or telecommute

    The EIS Security Code Review (SCR) team provides application vulnerability and risk identification for many of the critical applications used by Wells Fargo, from an automated and manual static analysis (code level) perspective. SCR is extending its core team capabilities in vulnerability and risk identification to additionally include validation review.

    Within the Cyber Security Defense and Monitoring (CSD&M) organization, this Information Security Engineer position will serve as a high level technical security resource on the SCR Validation Review team. This is an exciting ground-floor opportunity to be part of a fully functional, new team that extends core SCR team capabilities into a new validation review arena, while leveraging mature security code review processes. This team is responsible for the validation of code level security remediation by the business for all public facing applications, internally hosted and vendor hosted, supporting local, vendor-integrated, and remote review capabilities. The new team member will conduct source code validation reviews, working closely with our business partners and developers, to determine accuracy in closure of code-level security vulnerabilities, ensure compliance with corporate security policies and adherence to best practices. This is an exciting opportunity to be part of a growing team of niche, high performance security talent.

    Reviews encompass a vast assortment of language technologies that vary between reviews, with the majority split between both Microsoft and Java-based technologies spanning mobile applications, classic web applications/portals, newer innovation applications and more. While working to your strengths in reviews aligned to your own unique core technology background, you will have supported opportunity to learn new technologies and gain new skills. In fact, professional development is one of the core work objectives for each SCR team member, where enhancing current and building new capabilities are favorable traits and encouraged. Additionally, opportunities exist to help improve process and develop innovative tools that increase productivity across the team.

    This position will report directly to the SCR Validation Review Manager situated within Cyber Threat Management (CTM), and will be working with a high performance team of security engineers focused on driving success of manual and automated security review capabilities within the SCR Team that operates as part of CTM within EIS CSD&M. This is an exciting opportunity as Wells Fargo continues to improve and expand our core capabilities in application vulnerability detection, risk identification, remediation validation and reporting.

    Team members are spread across several locations, with the majority of the team working remotely. We focus on hiring the best talent regardless of the location. We dont expect you to join us and hit the ground running. We take what we do seriously, and expect to train you on our processes with a learning curve that will take several months to master fully. We believe in diversity. Your opinions matter to us, opening discussion forums to the opinions of all team members so that we can uniformly make strategic and operational improvements that consider all sides or inviting you to opt-in to specialized team or department level working groups that assess unique and diverse topics in code level security that will help to optimize vulnerability detection, how we assess risk, how to validate remediation effectively, and consider appropriate safeguards.

    If this sounds like a position that interests you, apply today. Wed like to understand your capabilities, background, and opinions on application security.


    Required Qualifications

  • 7+ years of information security applications and systems experience
  • 5+ years of J2EE experience or 5+ years of .net experience
  • 1+ year of relational database experience
  • 3+ years of static code review experience

  • Desired Qualifications

  • Advanced Information Security technical skills and understanding of information security practices and policies
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • 3+ years of SAST (Static Analysis Software Testing) experience
  • Knowledge and understanding of information security policies and control standards governing network security products/tools
  • Ability to identify and manage complex issues and negotiate solutions within a geographically dispersed organization
  • Highly refined and professional verbal and written communications
  • Knowledge and understanding of technology testing: web-based applications developed in Java or .net framework
  • Knowledge and understanding of design and development of modern web applications and mobile technologies
  • Knowledge and understanding of technology testing: dynamic application or software assessments (web application penetration testing, web application vulnerability testing)
  • Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
  • Ability to organize and manage multiple priorities
  • Ability to articulate issues, risks, and proposed solutions to various levels of staff and management
  • Outstanding problem solving skills
  • Strong negotiating skills
  • Ability to translate and present complex technical data across technical and non-technical groups

  • Other Desired Qualifications
  • 3+ years application security vulnerability detection and mitigation experience with Open Web Application Security Project (OWASP) Top 10 and SANS Common Weakness Enumeration Top 25.
  • Experience with, or understanding of, AJAX and web services
  • Experience with server-side javascript
  • Experience with Salesforce Apex
  • Experience writing rules for SAST tools like HP Fortify SCA and Checkmarx
  • Involved in local security groups, such as OWASP local Chapters
  • Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.)
  • Understanding of SSL/TLS and Cryptography (symmetric and asymmetric encryption, PKI, etc.)
  • Ability to handle difficult situations and to provide alternative solutions or workarounds
  • Flexible and creative in helping to find acceptable solutions
  • CISSP, CSSLP, GSSP, or comparable security certification
  • Ability to comprehend large, complex applications written by others from reading source code
  • Knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
  • Ability to stay current with emerging technologies and industry trends

  • Street Address

    MN-Shoreview: 1801 Parkview Dr - Shoreview, MN
    NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC
    TX-Irving: 2975 Regent Blvd - Irving, TX
    MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN
    VA-Glen Allen: 4340 Innslake Dr - Glen Allen, VA
    NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC
    NC-Charlotte: 401 S Tryon St - Charlotte, NC

    Disclaimer


    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

    Relevant military experience is considered for veterans and transitioning service men and women.

    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.


    ENT TECHNOLOGY

    This job posting is no longer available on OPTnation.
    Find similar jobs: on Job Search

    All Jobs in Glen Allen, VA

    • Engineer-Advanced - Network Security Services (Operations: National Ne

      Federal Reserve Bank of Richmond Richmond, VA

      View Job
    • Director, Facilities and Real Estate

      Goodwill Virginia Richmond, VA

      View Job
    • Physical Scientist (Environmental)

      US Department of the Army Fort Lee, VA

      View Job
    • Senior Systems Engineer

      GroundForce IT Glen Allen, VA

      View Job
    • Data Engineer (,19-00534,19-00801)

      Chesterfield County, VA Chesterfield, VA

      View Job
    • Info Security Engineer 5

      Wells Fargo Glen Allen, VA

      View Job
    • Cyber Security Engineer (SIEM - Arcsight or ACAS)-TS/SCI

      Markesman Group Richmond, VA

      View Job
    • Information Security Engineer 4 Security Code Review Team

      Wells Fargo Glen Allen, VA

      View Job
    • Engineer - Associate to Advanced

      Federal Reserve Bank of Richmond Richmond, VA

      View Job
    • 259335 Engineer – Experienced (IT Integrated Analysis Support)

      Federal Reserve Bank of Richmond Richmond, VA

      View Job
    • Information Security Engineer Senior

      NOK-Galapagos, LLC Richmond, VA

      View Job

    Featured Articles

    Reasons To Take Up BA QA Training and Placement in USA

    24 September 2015

    Business Analyst’s work is related to company’s business where the person has to work with client mapping and defining the business requirements. Whereas the term QA means Quality Analyst who develops, executes and test the code for the software and also the working of software. Their duty is to

    read more..

    Issues Faced By International Students on F-1 Visa or H-1B

    15 September 2015

    The F-1 visa holder international students are permitted to work only if the certain criteria and conditions are met. The F-1 visa holders have the benefit of changing to H1B visa if they meet the conditions required for it. Issues Faced By International Stud

    read more..

    Benefits of Employee Salaried or Hourly with Pros and Cons

    22 March 2019

    What's better in the USA? - Salary vs Hourly The remuneration you’re being offered plays a major role as one of the deciding factors of whether or not to take on a job. Just like you contemplate about your responsibilities of the job, your new role and company culture, s

    read more..

    Trump signs Executive Order Focusing ‘Buy American, Hire American’ to Stop misuse of H1B visa

    19 April 2017

    On Tuesday April 18, Trump signed an executive order that governed federal agencies to implement a "Buy American, Hire American" strategy. The order aimed that Trump would favor American companies for federal contracts and reform the H-1B visa program for foreign workers and stop “misuse” of 

    read more..

    Thanks For Your Feedback

    Attach A Resume First