About Wells Fargo

Wells Fargo & Company (NYSE: WFC) is a leading global financial services company headquartered in San Francisco (United States). Wells Fargo has offices in over 30 countries and territories. Our business outside of the U.S. mostly focuses on providing banking services for large corporate, government and financial institution clients. We have worldwide expertise and services to help our customers improve earnings, manage risk, and develop opportunities in the global marketplace. Our global reach offers many opportunities for you to develop a career with Wells Fargo. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Market Job Description

About the Role

This position is an Information Security Engineer will perform an Individual contributor role in Enterprise Information Security Program (EASP) who needs to contribute to EASP practices from EGS.

Job Responsibilities

  • Contribute to the Static Application Security Testing Stream (SAST) to enable tools, Deprecate Unsafe Functionality (DUF) practices from EGS and contribute to the EASP program.
  • Contribute to security coding guidelines for different programming languages.
  • Understand the EASP program and its implementation across the organization and stay abreast with the changes to the program.
  • Enable the program by creating, on-boarding, maintaining and supporting SAST tools in EASP.
  • Suggest and execute changes to the program and implement the changes to the enabling tools.
  • Integrate with the state side leads to understand requirements and implement them in the practices and tools.
  • Develop and leverage the ability to execute any EASP stream assigned from EGS.
  • Associate with Application Security Champions, Architects and Application development teams in Governance, oversight and enablement of EASP.
  • Apply knowledge of information security and application development industry trends and technology to drive organizational change and position to properly manage and remediate vulnerabilities.
  • Coach junior team members in the team to understand and deliver based on the requirements of the program.

Essential Qualifications

  • 2+ years of Overall IT experience
  • 1+ years of application security Experience
  • 1+ years of experience with all or some of the following practices like Security


    , Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
  • SAST (Static Analysis Software Testing) experience with tools like Fortify and Checkmarx is a must.
  • Knowledge and experience in working with various application security tools and systems.
  • Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
  • Experience in drafting application security coding standards.
  • Knowledge and experience in identifying and suggesting mitigations to OWASP top 10, CWE/SANS top 25 to development teams.
  • Application security experience with banking/financial services applications.
  • Ability to manage multiple priorities in a fast-paced dynamic environment.
  • Advanced problem solving skills, ability to develop effective long-term solutions to problems.
  • Excellent verbal and written communication skills
  • Excellent inter-personal skills contributing to cordial team environment.

Desired Qualifications

  • Knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices
  • Ability to manage highly complex issues and negotiate solutions
  • A Bachelor's degree or higher in information technology
  • Knowledge and understanding of Application security threat management and mitigation domain.
  • Knowledge and understanding of Information Security Tools Development Unix and Windows.
  • Knowledge and understanding of threat modeling and assessment of potential and current information security risk/threats.
  • Certified in Industry renowned certifications like CSSLP, CEH etc.,

We Value Diversity

At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.


At Wells Fargo, we’ve been proudly supporting military veterans and their families for more than 170 years.

We value the leadership, discipline, and skills you’ve gained through your service to our country and recognize the contributions our veteran team members bring to the table. We’re so committed to hiring and retaining military veterans, veterans with disabilities, National Guard members, and Reservists that we’ve made it our goal is to employ 20,000 veterans by 2020.

As a Wells Fargo team member, you’ll find a work culture that is team-oriented, collaborative, structured, and challenging. We support veterans transitioning from military service with a variety of job options, confidential resources, educational information, and career guidance. You may choose to join our Veteran’s Team Member Network, a group of thousands who share an interest in veterans’ matters, and that promotes greater awareness and job development within the veteran community. To learn more about opportunities at our company, please visit wellsfargojobs.com/military. Let’s talk about turning your military experience into a great civilian career.

Similar jobs