Info Security Engineer

Info Security Engineer

Wells Fargo
6-9 years
Not Specified

Job Description


Job Description :
About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a leading global financial services company headquartered in San Francisco (United States). Wells Fargo has offices in over 20 countries and territories. Our business outside of the U.S. mostly focuses on providing banking services for large corporate, government and financial institution clients. We have worldwide expertise and services to help our customers improve earnings, manage risk, and develop opportunities in the global marketplace. Our global reach offers many opportunities for you to develop a career with Wells Fargo. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Market Job Description
About Wells Fargo India
enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations
Department Overview:
Information and Cyber Security (ICS) is part of Wells Fargo's Technology organization. Wells Fargo views ICS as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, Information & Cyber Security team (ICS) protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws
About the Role:
We are looking for an Information Security Engineer to perform web, mobile, thick client application and web Services security testing on Wells Fargo applications for the Dynamic Application Security testing processes. This person will perform application security testing to identify security defects in web, mobile, thick client application and web Services by following DAST policies and processes. This person will be an SME to provide guidance and assistance to team members but not limited to DAST activities. Prefer a candidate that has extensive knowledge in performing dynamic application security assessments and hands on techniques for identifying SQL injections, XSS, Authentication, Authorization CSRF, OWASP top 10 issues by using automated scanners and manual testing tools and generate reports. Should have experience in writing proof-of-concepts exploits and create custom payloads and modules for common ethical hacking framework and tools and should be able to own, drive and contribute to DAST projects and various DAST initiatives.
This position will support the DAST team in Strategy, Governance and Enablement (SG&E) process within the Information & Cyber Security (ICS) for information needs.
Responsibilities:

  • Designs, documents, tests, maintains, and provides issue resolution recommendations for moderately complex security.

  • Provides security consulting on medium projects for internal clients to ensure conformity with corporate information security policy, and standards.

  • Possesses subject matter expertise in industry leading security solutions and best practices used to implement one or more components of information security such as availability, integrity, confidentiality, risk management, access management, and business continuity. May interface with senior management.

  • Perform application security testing to identify security defects in web, mobile, thick client application and web Services by following DAST policies and processes.

  • Works with a variety complex applications, teams and business system consultants for performing application security assessments and performing retest.

  • Build and maintain strong relationships within a variety of teams throughout the organization.

  • Assist with building sustainment reports to monitor DAST compliance with policies.

  • Successful candidate will work closely with the various stakeholders within DAST, SA&C, Information Security Management, Risk, and with business lines and technology leadership across the enterprise in the execution of the WF strategies/objectives. Accordingly, critical success factors will include the ability to effectively engage in a matrixed organization, develop partnerships with many business and functional areas, and have a strong operational and delivery focus. Accordingly, critical success factors will include the ability to effectively engage in a matrixed organization, develop partnerships with many business and functional areas, and have a strong operational and delivery focus

Market Skills and Certifications
Essential Qualifications
:
  • Bachelors or Master's degree in Technology /Engineering
  • 6+ years of information security applications and systems experience
  • 6+ years of information technology applications and systems experience
  • 5+ years of experience working with Manual testing tools including Burp Suite, ZAP, Fiddler, Nmap and developing various payloads for testing.
  • 5+ years of experience with running scans using automated scanners and troubleshooting scanner issues.
  • 4+ years of experience with end to end mobile application security testing using automation and manual testing tools.
  • 3+ years of experience with web services testing and frameworks
  • 3+ years of experience in thick client application testing
  • Have a solid understanding of cloud application security testing and remediation
  • Expert analytical skills with a keen ability to see how to translate needs of the teams into tangible deliverables.
  • High level understanding of various development data technologies and development environments.
Desired Qualifications:
  • Excellent communication skills and ability to articulate complex material to a diverse audience.
  • Strong customer relationship management skills.
  • Excellent verbal, written, and interpersonal communication skills.
  • CEH, CCSP
  • Ability to transform conceptual design to technical implementation
  • Ability to identify challenges, anticipate obstacles, influence and resolve issues.
  • Excellent documentation and communication skills (written and spoken) including Senior Management.

We Value Diversity
At Wells Fargo, we believe in diversity and inclusion in the workplace accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate. 71232

Job Details

About Wells Fargo

Job Source : www.wellsfargojobs.com

Similar Jobs

People Also Considered

Data Not Available

Career Advice to Find Better

Simple body text this will replace with orginal content