Wells Fargo

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

Info Security Analyst 5

at Wells Fargo

Posted: 12/3/2019
Job Reference #: 13080998
Keywords: security

Job Description

Job Description

At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo’s more than 70 million global customers.

Enterprise Information Security within Wells Fargo is seeking an Information Security Analyst to support application security testing for all Internet facing websites.  In this role, you will work with be responsible for using automated tools to continually scan all Internet facing websites to identify application security vulnerabilities.  Primary duties in this role are to create and maintain scan profiles for the automated application scanning tools, verify the effectiveness of the rules, monitor continual running of the scanning tools and interconnected processing including reporting.  In addition, since this is a new program, this resource will assist with standing up of the scanning tools and other interconnected processing including connectivity to SOR for vulnerabilities and reporting tools.  Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities within Wells Fargo.

The Information Security Analyst will:
* Review tools/techniques or optimizations
* Create and maintain scan profiles for automated application scanning tools
* Create a maintain interconnected processing including connectivity to SOR for vulnerabilities as well as reporting.
* Discuss and help resolve issues or concerns
* Assist with work orders and service requests (ART, LNS, @work, etc.)
* Engage and coordinate with other CTM teams as needed
* Troubleshoot and resolve testing issues (technical, process, dispute, and other)
* Meet with application team to collect information and determine scope of  testing
* Install, configure, use and maintain scanning and testing tools
* When required (exception basis only), manually verify security vulnerabilities identified by automated tools
* Provide status and resolve issues that impact testing
* Assist with design and creation of automated report feed to vulnerability system of record
* When required, manually document identified security vulnerabilities and related matters in a clear, concise and timely manner
* Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation
* Provide occasional on-call problem resolution escalation for Enterprise Availability Coordination Office (EACO) in a 24x7 environment as required
* Assist with BLAST program issue escalation and problem resolution as required
* Interact with direct reports, partners, peer managers, and mid to senior level management, to drive successful completion of testing scope, awareness of BLAST Services, and to facilitate continual process improvement.  This will cross all lines of business and CIO areas.
* Actively participate on improving the security culture and education throughout the organization.
* Prepare other ad hoc management level and audit material/documentation as required



Required Qualifications

  • 7+ years of information security administration experience
  • 3+ years of automated information security penetration tools experience



Desired Qualifications

  • Advanced Information Security technical skills and solid knowledge and understanding of information security practices and policies
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • Experience working in a large enterprise environment
  • Ability to negotiate, influence, and collaborate to build successful relationships
  • Ability to organize and manage multiple priorities
  • Ability to prioritize work, meet deadlines, achieve goals, and work under pressure in a dynamic and complex environment
  • Excellent verbal, written, and interpersonal communication skills
  • Good attention to detail and accuracy skills
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
  • Knowledge and understanding of information security principles, policies, and procedures
  • Strong analytical skills with high attention to detail and accuracy
  • Strong collaboration and partnering skills
  • 1+ year of DAST (Dynamic Application Security Testing) experience



Disclaimer


All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!