WinstonSalemRecruiter Since 2001
the smart solution for Winston-Salem jobs

Info Security Engineer 5 - Application Incident Response & Research

Company: Wells Fargo
Location: Winston Salem
Posted on: July 12, 2019

Job Description:

Info Security Engineer 5 - Application Incident Response & Research Job DescriptionAt Wells Fargo, we have one goal: to satisfy our customers' financial needs and help them achieve their dreams. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.The engineer will be responsible for providing thorough and accurate research of application security risks in their research of 0day vulnerabilities and application incidents. The engineer will play a major role in application incident response activities, including developing indicators of compromise, exploit signatures, and patch analysis requiring regular collaboration with various defensive and offensive teams within the organization. Performs application security incident response and vulnerability research activities and technical investigations of application security related incidents. Partners with senior level engineers to identify security vulnerabilities and respond to incidents. Acts as professional ethical penetration tester utilizing hacking tools to modify or create proof of concept exploits that mimic techniques of attackers to identify vulnerabilities and associate with a severity rating by deriving impact and ease of exploit.Performs security risk assessments to ensure compliance with corporate information security policies and adherence to best practices. Conducts research, analysis, testing and implementation of complex web applications and firmware vulnerabilities. Identifies security vulnerabilities for the company's, application systems, application dependencies, including hardware infrastructure and emerging technologies to improve the enterprise information security posture. Communicates to the line of business, CIO areas, and relevant third parties on the inherent risks, providing meaningful hardening and mitigation strategies. Provides guidance and leadership to Information Security Engineers and acts as a mentor for these engineers interested in penetration testing and offensive security. This position is a part of the Cyber Threat Management - Application Incident Response and Research team.Responsibilities include: Incident management for 0day application vulnerabilities Creation of 0day identification tools Identification of 0day application vulnerabilities Conducting web-based application penetration tests Source code audits Hands-on technical security evaluations and implementations Developing custom penetration testing techniques and tools. Install, configure, use and maintain testing tools as well as vulnerable applications/environments Manually verify security vulnerabilities Document identified 0day vulnerabilities and related matters in a clear, concise and timely manner Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities Update documentation as required Maintain electronic or paper trail of testing activity for audit purposes Maintain confidentiality of authentication credentials, sensitive application information and test results before, during and after completion of compliance testing and/or retesting Providing adhoc penetration testing as necessary Providing application security consulting SME Support to developers Providing for root cause analysis and incident management investigation Providing security training as required Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities Develop and review malicious use cases/threat models Maintain a broad understanding of security technologies and products Actively participate on improving the security culture and education throughout the organization.Required Qualifications 7+ years of information security applications and systems experience2+ years of experience creating proof of concepts, creating exploits, or a combination of both2+ years of experience in one or a combination of the following: Java, .net MVC via application development, exploit development via an interactive testing model or a source code vulnerability analysis model.1+ year 0day vulnerability discovery and research experience. Desired Qualifications Advanced Information Security technical skills and understanding of information security practices and policiesAbility to manage complex issues and develop solutionsExcellent verbal and written communication skillsExperience working in a large enterprise environmentAbility to manage multiple and competing prioritiesAbility to take on a high level of responsibility, initiative, and accountabilityAbility to work with limited supervisionGood attention to detail and accuracy skillsKnowledge and understanding of banking or financial services industryKnowledge and understanding of information security industry standards and government regulationsStrong analytical skills with high attention to detail and accuracyStrong collaboration and partnering skillsStrong organizational, multi-tasking, and prioritizing skillsCertifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE) Other Desired Qualifications 2+ years of information security experience in converged testing (red teaming) 1+ year of experience in network, social, and physical domainsJob Expectations Ability to work outside of regular business hours Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.Relevant military experience is considered for veterans and transitioning service men and women.Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Keywords: Wells Fargo, Winston-Salem , Info Security Engineer 5 - Application Incident Response & Research, Engineering , Winston Salem, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Engineering Jobs


Senior Field Application Engineer
Description: DNA Group, Inc., a solutions provider disciplined in Contract Manufacturing, HMI, Connectivity and Smart Illumination, located in Raleigh,
Company: DNA Group, Inc.
Location: Raleigh
Posted on: 07/24/2019

Roadside Technician - Towing - 2nd Shift
Description: Our Roadside Assistance unit is looking for Emergency Road Service Technicians with positive attitudes to help get AAA members back on the road quickly and safely. If you enjoy helping people, love to (more...)
Company: AAA Carolinas
Location: Charlotte
Posted on: 07/24/2019

Splunk Engineer
Description: Splunk Engineer Where good people build rewarding careers.Think that working in the insurance field can't be exciting, rewarding and challenging Think again. You'll help us reinvent protection and retirement (more...)
Company: Allstate
Location: Charlotte
Posted on: 07/24/2019


Service Technician
Description: SummaryTechnicians will be held to a high standard of service, ICEE has a commitment to success: to our customers, partners, and employees. Technicians are required to service all ICEE and restaurant (more...)
Company: The ICEE Company
Location: Raleigh
Posted on: 07/24/2019

Industrial Mechanic
Description: Kelly Engineering is looking for a Dayshift Maintenance Technician for a position in the Charlotte, NC area. This position is an immediate need. br br Job Experience br br ul br br li (more...)
Company: Kelly Services
Location: Charlotte
Posted on: 07/24/2019

DynaTrace Performance Engineer
Description: One of our clients is looking for a DynaTrace Performance Engineer based on the following skills Minimum Requirement Experience designing, configuring, and implementing complex Dynatrace deep diagnostics (more...)
Company: Digitek Software, Inc.
Location: Raleigh
Posted on: 07/24/2019

Active Directory Data Security Engineer
Description: Active Directory Data Security Engineer Where good people build rewarding careers. Think that working in the insurance field can't be exciting, rewarding and challenging Think again. You'll help us reinvent (more...)
Company: Allstate
Location: Charlotte
Posted on: 07/24/2019

Info Security Engineer 4
Description: Job DescriptionAt Wells Fargo, we want to satisfy our customers financial needs and help them succeed financially. Were looking for talented people who will put our customers at the center of everything (more...)
Company: Wells Fargo
Location: Charlotte
Posted on: 07/24/2019

Automotive Technician / Mechanical Associate
Description: 7282 - Capital Blvd - 8007 Wild Wood Forest Dr., Raleigh, North Carolina, 27616 br br CarMax, the way your career should be Tune up your skills in vehicle repair and build a great career br If (more...)
Company: CarMax
Location: Raleigh
Posted on: 07/24/2019

Field Service Technician
Description: Field Technician br br Nalco Water, an Ecolab company, is looking for a Field Technician to join our industry leading Nalco Water team. If you are a passionate technical professional that enjoys interacting (more...)
Company: Ecolab
Location: Raleigh
Posted on: 07/24/2019

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Winston-Salem RSS job feeds