Mar 26, 2020

Penetration Engineer - ISE4

  • Wells Fargo
  • Winston-Salem, NC, USA
Full-Time

Job Description

Job Description
Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as "Personal Cell" or "Cellular" in the contact information of your application.
At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers.
Information and Cyber Security group within Wells Fargo is seeking a Info Security Engineer / application pentester to support application security for Wells Fargo. One of the control in the Application Security Program is to perform Dynamic Application Security Testing as part of the Software Development Lifecycle.
In this role, you will work with software development partners to identify and mitigate the security vulnerabilities in the applications identified through DAST in test environments. Communication with the business security team, enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.
The Information Security Engineer will:
• Conduct penetration testing / dynamic application security testing using both manual and automated testing tools.
• Build attack model
• Ensure that automated tests are completed successfully
• Configure tools as required to be successful in evaluating applications
• Validate all defects identified through testing
• Triage & Disposition results and enforce a Bug Bar
• Verify/validate defect fixes
• Provide application security consulting SME support to developers
• Assist developers with understanding of security defects and risk
• Assist in defining acceptable solution to fix defects
• Clearly document and Communicate Security risk to the business
• Help maintain Security Coding Standards and Bug Bar as required
• Assist in the Development of standards as required
• Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
• Develop and review malicious use cases/threat models
• Maintain a broad understanding of security technologies and products
• Actively participate on improving the security culture and education throughout the organization

Required Qualifications
  • 5+ years of information security applications and systems experience
  • 2+ years of DAST (Dynamic Application Security Testing) experience


Desired Qualifications
  • Advanced Information Security technical skills
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
  • Knowledge and understanding of banking or financial services industry
  • Experience working in a large enterprise environment
  • Knowledge and understanding of information security industry standards and government regulations
  • Ability to manage multiple and competing priorities
  • Ability to work with limited supervision
  • Ability to take on a high level of responsibility, initiative, and accountability


Street Address
AZ-Chandler: 2600 S Price Rd - Chandler, AZ
NC-Charlotte: 401 S Tryon St - Charlotte, NC
NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC
MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN
CA-SF-Financial District: 333 Market St - San Francisco, CA

Disclaimer

All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

States

NC  

Security Clearance

NO Security Clearance

Apply Now