Senior Information Security Engineer

About Wells Fargo India
Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.

Department Overview
Cybersecurity (CS) is part of Wells Fargo's Technology organization. Through a framework that addresses policy, process, operations, people, and technology, IS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.

About this role:

Wells Fargo is seeking a Senior Information Security Engineer to be part of Cloud Security Engineering team under Cybersecurity. The Cloud Security team is accountable for execution of the cloud security strategy in support of the company’s hosting strategy, which encompasses cloud and virtualization infrastructure services both on premises and external. The Cloud Security Engineer is responsible for delivery of security controls and services across our hosting environments, focusing on infrastructure and virtualization capabilities in alignment with Technology’s hybrid cloud computing security strategy and security roadmap and priorities.

Responsibilities:                                                                           

• Execution against defined cloud security strategy roadmaps in alignment to cloud control framework
• Security solutions engineering for all Cloud and Distributed Systems platforms
• Security solutions design and implementation around cloud platforms, virtualization technologies, containerization, security controls, and emerging technologies
• Liaison to the owning technology LOB or area, cloud security program and supporting projects, Information Security (IS) focus areas, and peer teams to understand business processes and requirements and then provide security solutions design to enable risk mitigation across the enterprise
• Analyze and design cloud security capabilities encompassing: DevOps, automation, access, connectivity
• Analyze and design controls to secure different cloud deployment and service models
• Review/update security policies, standards, requirements, and solutions covering different cloud deployment and service models
• Implement strategy to transition from traditional access management best practices to role based access management strategies aligned and scalable for the cloud
• Participate in evaluation, selection, and implementation of third party cloud security solutions
• Ensure the maintenance, stability, availability of ICS-managed cloud security solutions
• Provide security input to product baselines
• Plan and drive operational readiness and hand-off to appropriate ICS domain team
• Apply Information Security experience, knowledge, and breadth in order to provide solutions for emerging cloud platforms and technology security risks, and improve the enterprise’s security posture
• Work with team members across functional lines
• Critical thinking skills to question status quo
• Utilize analytical skills and the ability to think outside the box

Essential Qualifications:

• 5+ years of security engineering or security architecture experience working with Prisma Cloud Compute & Prisma Cloud Enterprise product
• 3+ years of experience with one or more Cloud platforms: Google Cloud Platform (GCP), Microsoft Azure, AWS, Pivotal Cloud Foundry (PCF) or VMware Tanzu App Service (TAS), OpenStack
• 2+ years of experience delivering complex enterprise-wide cloud platforms/environments
• 2+ years of experience in designing and engineering automated, cloud native security solutions
• 2+ years of experience securing virtualization products and hypervisor technologies such as VMWare, Xen, Hyper-V, or other
• 2+ years of Kubernetes experience
• Ability to organize and be productive through ambiguity
• Strong verbal, written, and interpersonal communication skills

Desired Qualifications:

• 2+ years of experience with DevSecOps and deployment automation to cloud environments
• Familiarity with of various cloud security and related risk frameworks (COBIT, Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), FedRAMP, etc.)
• Knowledge and understanding of diverse platforms and operating systems, including current and emerging technologies
• Agile experience
• Ability to organize and be productive through ambiguity
• Industry certifications in Cloud and/or Information Security

Posting End Date: 

*Job posting may come down early due to volume of applicants.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.