Information Security Engineer 4 - Red/Blue Team
Company: Wells Fargo
Location: Winston Salem
Posted on: October 1, 2018
Information Security Engineer 4 - Red/Blue Team Job Description At Wells Fargo, we want to satisfy our customers financial needs and help them succeed financially. We re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you ll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Corporate Risk helps all Wells Fargo businesses identify and manage risk. We focus on three key risk areas: credit risk, operational risk, and market risk. We help our management and Board of Directors identify and monitor risks that may affect multiple lines of business, and take appropriate action when business activities exceed the risk tolerance of the company. Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle. Enterprise Information Security s (EIS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, EIS protects Wells Fargo s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. EIS is part of Wells Fargo's Corporate Risk organization and is led by the Chief Information Security Officer. Our Enterprise Information Security team is looking for a strong cyber security professional to join our Offensive Security Research Team (OSRT). This Information Security Engineer 4 (ISE4) - Red/Blue Team will participate in the research, analysis, and testing of complex computer network security/protection technologies for company information and network systems/applications. Identifies security problems with the company's network, virtual private networks, application systems, key public infrastructures, authentication, and other systems. Provides remediation recommendations and adversarial consulting services to business partners to evaluate and deploy more secure business solutions. Participates in OSRT incident response activities and the technical investigations of security related incidents. May provide technical guidance to less experienced staff. This Engineer will be responsible for thorough and accurate reporting during and concluding a security incident, and will also play a major role in the creation of new logic and supporting procedures to identify anomalous network and/or endpoint behaviors for Cyber Threat Fusion Center (CTFC) alert monitoring. Efforts will be focused primarily on identifying advanced exploits, vulnerabilities, and systemic issues in the Wells Fargo enterprise that are not detected via traditional security scanning tools. Regular collaboration with multiple teams such as Threat Detection Services, Security Content Development, Cyber Threat Intelligence, Cyber Threat Forensics, and Cyber Threat Fusion Center will be critical to success. This person in this position will help to discover and react to security threats based on the evolving Threat Landscape. Preferred locations are Charlotte, NC area or Chandler, AZ; however we will consider candidates in any other Wells Fargo major hub locations, to include telecommute.Required Qualifications1+ year of Firewall experience1+ year of Information Security reporting and analysis experience1+ year of manual information security penetration testing tools, topics, and techniques experience1+ year of experience working in a large enterprise network organization1 + years cyber security analysis experience1+ years of advanced scripting experience using Unix Shell Scripting, Perl, Python, Java, or PL-SQL5+ years of information security applications and systems experience Desired QualificationsExperience working in a large enterprise environmentAbility to execute in a fast paced, high demand, environment while balancing multiple prioritiesKnowledge and understanding of banking or financial services industryKnowledge and understanding of malware reverse engineering including: code or behavior analysis for endpoints and the networkExperience consulting with internal clients and businessAbility to manage complex issues and develop solutionsAdvanced Information Security technical skillsExcellent verbal and written communication skills Other Desired Qualifications Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc.), or other relevant certifications Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices Experience providing situational awareness based on team authored threat reports Ability to hunt for IOCs based on attack surface Experience with host and/or network log analysis as applied to incident response/threat hunting Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents Strong ability to identify anomalous behavior on endpoint devices and/or network communications Strong experience in operating system and application security hardening and best practices Strong investigative mindset with an attention to detail Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux Demonstrated ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports Advanced problem solving skills and ability to develop effective long-term solutions to complex problems 1+ years of experience with full packet capture solutionsJob ExpectationsAbility to travel up to 10% of the time DisclaimerAll offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.Relevant military experience is considered for veterans and transitioning service men and women.Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.Associated topics: forensic, identity access management, iam, information technology security, malicious, phish, security officer, threat, violation, vulnerability
Keywords: Wells Fargo, Winston-Salem , Information Security Engineer 4 - Red/Blue Team, Engineering , Winston Salem, North Carolina
Didn't find what you're looking for? Search again!