Senior Information Security Engineer
Wells Fargo
About this role:
Wells Fargo is seeking a Senior Information Security Engineer to provide cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for events, risks, threats, malicious code, vulnerabilities, and attacks related to the Financial Services industry or Wells Fargo Specifically. Candidate should be highly motivated with Remote Access solutions / VPN-Engineering to join our dynamic team. Remote Access solution team provides technical expertise in designing and implementing secure remote access solution and managing the infrastructure of a large organization. The primary goal for this role is to ensure system reliability of secure remote access with enhanced operational procedures and troubleshooting end users’ issues
In this role, you will:
- Lead or participate in computer security incident response activities for moderately complex events
- Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
- Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
- Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
- Review and correlate security logs
- Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
- Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
- Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
Required Qualifications:
- 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Desired Qualifications:
- Experience working in the Palo Alto Firewall / Global Protect.
- Recent experience in implementing and supporting Palo Alto Global Protect VPN solution.
- CCNA or CCNA-Security or Palo Alto Networks Certified Network Security Engineer (PCNSE) certified.
- Leading and/or supporting the Palo Alto Global Protect VPN infrastructure operations with on-call responsibilities.
- 2+ years of Intermediate to Advanced level experience with scripting/automation using tools such as: Bash, Ansible Playbook/Role Development, PowerShell, Python, etc.
- 2+ years advanced understanding of Network concepts like DNS, Firewall and Load Balancing.
- Proven experience with change and incident management practices in medium to large enterprise environments.
- Basic understanding of TLS, Certificates, and MTLS.
- Intimate knowledge of the inner workings of the Internet.
- Experience with Agile Scrum or Kanban methodologies.
- Excellent verbal, written, and interpersonal communication skills.
- Advanced Information Security technical skills and solid knowledge and understanding of information security practices and policies.
- ServiceNow, Jira and Confluence experience.
- Technical documentation experience.
- Strategic planning experience in translating leadership vision into executable strategies and initiatives.
- Technology experience in the Financial Services sector.
- Ability to coordinate completion of multiple tasks and meet aggressive time frames.
- Advanced critical thinking, problem solving and technical troubleshooting abilities.
- Strong analytical skills with high attention to detail and accuracy.
- Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment.
- Experience with Information Security Frameworks and standards (FFIEC, NIST, ISO).
- Ability to work off hours and occasional weekends to support change activities.
- Managed service delivery certifications like ITIL, Six Sigma will be beneficial.
Job Expectations:
- Knowledge in maintaining, configuration, upgrades of Palo Alto platforms and configuring the Global Protect as per design.
- Troubleshoot, identify and resolve Global Protect VPN issues and providing detailed root cause analysis regarding the problem.
- Strong knowledge and experience in Palo Alto HIP/ Host-Checker policies, alert configuration.
- Good knowledge of the TCP, HTTP, SSL protocol and headers, as well as packet-level protocol analysis capabilities.
- Knowledge of Active Directory (machine/user objects, Organizational Units, group policy processing, etc.).
- Strong knowledge and experience in the areas of IP routing, switching, load-balancing, and advanced network automation techniques and solutions.
- Strong knowledge in the development of secure Network architectures and standards.
- Strong experience with the application of advanced network-based technical security controls in large enterprise network environments.
- Leading and/or supporting the Palo Alto Global Protect VPN infrastructure operations with on-call responsibilities.
- Knowledge of DNS, DHCP, proxy technology, and Unix-based network appliances.
- Experience with large-scale enterprise security solutions spanning multiple business functions and geographic locations.
- Experience working with multifactor authentication.
- Ability to work periodic after-hours work including participation in an on-call rotation.
- Demonstrated enterprise experience in change management process.
- Strong working knowledge of providing/understanding network security documentation.
- Provide enterprise risk and threat communication efforts to key groups and the enterprise regarding potential threats and remediation efforts - including the ability to develop blog posts with effective analysis and actionable intelligence based on relevant security events.
- Providing checklist, guidelines and implementation for Palo Alto Global Protect polices and investigation of security.
- Intimate knowledge of the TCP, HTTP, SSL protocol and headers, as well as packet-level protocol analysis capabilities.
- Track record of consistent proven experience with network infrastructure systems and Internet technologies.
- Maintain an awareness of bank security policies and government regulations pertaining to information security.
- Create and deliver information security presentations and reports to internal support teams, LOB s and leadership.
- Develop and maintain operational documentation and procedures.
- Participates in the research, analysis, design, testing and implementation of complex computer network security/protection technologies for company information and network systems/applications.
- Assists customers in identifying security solutions for the company's networks and virtual private networks, application systems, key public infrastructures, authentication and directory services to ensure the security of the network and confidential data.
- Participates in computer security incident response activities and the technical investigations of security-related incidents.
- Experience working in an environment utilizing Agile methodology and processing workflow using Jira tool.
- Experience with logging, monitoring and data analysis tools such as Splunk, Google Cloud Platform and Grafana.
- Experience at on-call support for network security related issues.
- Collaborate and influence all levels of professionals including managers.
- Responsible for staging/configuration of network security products and implementations by following strict change management guidelines.
- Knowledge and understanding of Zero Trust Network Access concepts, systems, methodologies.
- Assist other security engineers at analysis or implementation work as needed.
- Periodic assignment to the team on-call rotation.
- Periodic assignment to the team on-call rotation.
- Document project progress and milestones.
- Document monthly initiative updates to keep management abreast of progress.
- Candidate should be highly motivated with Remote Access solutions / VPN-Engineering to join our dynamic team.
- Remote Access solution team provides technical expertise in designing and implementing secure remote access solution and managing the infrastructure of a large organization.
- The primary goal for this role is to ensure system reliability of secure remote access with enhanced operational procedures and troubleshooting end users’ issues.
- Designing secure remote access policies to meet business requirements. Contribute to planning, testing and documenting environment changes which include new integrations as well as the existing environment.
- Configure HIP/ Host-Checker policies, alert handlers, recommend solutions to potential performance issues, etc. Will be actively involved in Audit-related activities.
- Support production deployments after-hours for Palo Alto infrastructure maintenance activities which involve communication and coordination with Engineering, Operations, Project Management, and Customer Application resources to ensure the scheduled deployments are successful.
Posting End Date:
13 Jul 2025*Job posting may come down early due to volume of applicants.
We Value Equal Opportunity
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.