Info Security Engineer 5

Company Name:
Wells Fargo
Participates in the research, analysis, design, testing and implementation of medium to complex computer network security/protection technologies for company information and network systems/applications. Assists business partners in identifying security vulnerabilities for the company's networks, application systems, hardware infrastructure and emerging technologies to improve the enterprise information security posture. Assists senior level engineers with vulnerability scans of networks to identify security vulnerabilities and conducts security risk assessments to ensure compliance with corporate information security policies and adherence to best practices. Assists in computer security incident response activities and the technical investigations of information security related incidents.
Candidate will be responsible for performing various information security assessments, communicating to the line of business on the inherent risks, and providing meaningful hardening and mitigation strategies. Job responsibilities include networking devices, appliance products and web-based application penetration tests, logical security audits, and hands-on technical security evaluations and implementations and developing custom penetration testing techniques and tools. This position reports to the Cyber Threat Management - Vulnerability Assessment Team and works closely with teams in other internal information security programs.
Conduct networking devices, security controls and web-based application penetration tests
Conduct mobile technology security assessments
Conduct logical security audits and hands-on technical security evaluations and implementations
Conduct wireless security assessments
Conduct social engineering assessments
Develop custom penetration testing tools
Develop in-depth findings report by following standard vulnerability assessment guidelines
Communicate findings to lines of business based on inherit risks
Basic Qualifications: 7+ years of experience in security applications and systems.
Minimum Qualifications:
7+ years experience with network security and network protocols (TCP/IP, UDP, etc.)
5+ years performing security penetration testing
Basic Task Management Skills
Basic procedure documentation skills
Basic understanding of Information Security practices and policies
Knowledge of current and emerging security issues
Knowledge of operating system and application hardening best practices- Knowledge of security issues and hardening best practices
Proficient working with network discovery tools
Proficient with web application penetration testing
Proficient with vulnerability detection and remediation tools
Proficient understanding of networking switch and routing
Knowledgeable in the following:
Strong understanding of ethical hacking tools and techniques
Proficient working with system, network, and application vulnerability testing applications
Proficient knowledge of known and emerging information threats and mitigating controls
Proficient knowledge of MS Windows with system administration skills
Proficient knowledge Linux with system admin skills
Hands-on experience with software security testing and common commercial testing tools
Ability to maintain the highest level of confidentiality.
Excellent interpersonal, written, and oral communication skills, issue resolution, and negotiation
Excellent customer relation and communication skills
Preferred Skills:
Ability to pivot from system to system
Basic understanding of Wells Fargo network infrastructure
Experience with security penetration testing techniques and frameworks
Experience executing security penetration tests- Proficient with web application penetration testing
Exploit development in the following languages: python, ruby, perl, C, C++, Java, PHP.
Ability to find buffer overflow with a debuggers such as Ollydbg, IDA Pro, or DBG.
Experience with high level programming languages such as Java, C, C++, .NET (C#, VB);
Experience with web application development e.g. , ASP, PHP, J2EE, JSP, preferably J2EE
Experience with compiled and interpreted programs, for example: database systems, web servers application servers, firewalls, routers, load balancers, switches, and different types of middleware.
One or more of the following certifications: GIAC GXPN, OSCP, OSCE, OSEE, OSWE, OSWP
How to Express Interest in This Job: Wells Fargo invites you to apply for this job at .
Relevant military experience is considered for veterans and transitioning service men and women
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran
Job Posting Title: Info Security Engineer 5
Requisition Number: 5063331
Schedule Type: Regular
Scheduled Hours: 40
State: AZ
City: Chandler
Zip Code: 85286
Job Contact Company: Wells Fargo
UniqueIdentifier: 5063331AZCHANDLER85286

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.