Information Security Engineer - Malware Analysis

About this role:

Wells Fargo is seeking an Information Security Engineer

In this role, you will:

• Participate in security consulting on small projects for internal clients to ensure uniformity with corporate information, security policy, and standards
• Track or remediate vulnerabilities and security issues
• Review and correlate security logs
• Assist with the design, documentation, testing, maintenance, and troubleshooting of security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Provide technical support for security related issues
• Utilize industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
• Interface with more experienced technologists

Required Qualifications:

• 2+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• 2+ years of experience in Information Security Industry.
• 2+ years of experience in Security Information and Event Management (SIEM/SIM/SEM) experience, with exposure on incident response.
• 2+ years of strong experience in Malware Analysis and Reverse Engineering including behavioral and static analysis of a wide variety of malware.
• Knowledge on DPI (Deep Packet Inspection) experience
• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
• Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
• Knowledge of offensive security, with the ability to think like an adversary when performing reverse engineering and responding to incidents
• Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices

• Experience with host and/or network log analysis as applied to incident response / threat hunting
• Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
• Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
• Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
• Bachelor’s and/or Master’s degree in computer science or information systems

Job Expectations:

• The ideal candidate will have extensive experience in analyzing and reversing malware relevant to the Wells Fargo environment.
• The ideal candidate will have a well-rounded understanding of endpoint/network defenses and detection methodologies, or incident response, in addition to an expertise in how adversarial cyber threat actors think and attack
• This role will require regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security teams will be critical to success.
• This role additionally involves exploit testing and researching exploit kits.
• This position will help to provide metrics associated with our ability to discover and react to security threats based on the evolving landscape. 

Posting End Date: 

*Job posting may come down early due to volume of applicants.

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.