Senior Information Security Engineer - Prisma Cloud

About this role:

Wells Fargo is seeking a Senior Information Security Engineer

In this role, you will:

• Lead or participate in computer security incident response activities for moderately complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

Required Qualifications:

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• 7+ years of Software Engineering / Information / Cybersecurity experience.

• 1+ year of deep Prisma Cloud Enterprise experience, or experience with a similar Cloud Security Posture Management tool

• Proven experience creating Prisma Cloud Enterprise custom policies via RQL, or experience with policy development for a similar Cloud Security Posture Management tool

• Extensive cloud Security knowledge of services, workloads, and hardening practices 

• Knowledge/experience with scripting/automation languages such as Terraform, Python and/or PowerShell

• Strong verbal and written communication skills

• Proven ability to work independently, as well as having strong interpersonal skills to work effectively within a Team and with partner Teams.

• 2+ years of Kubernetes experience 

• Experience in implementing security solutions in Google Cloud Platform or Microsoft Azure

• Experience with creation of Build policy subtype in Prisma Cloud Enterprise using YAML

• Knowledge and understanding of DevSecOps and deployment automation to cloud environment

• Familiarity with of various cloud security and related risk frameworks (COBIT, Cloud Security Alliance (CSA), FedRAMP, etc.)

• Experience enabling auto-remediation via Prisma Cloud 

• Experience with IAM & Data protection expertise for monitoring and responding to related incidents.

• Expertise and experience with API driven automation of policy creation

• Expertise and experience with Infrastructure as Code (IaC) and/or Policy as Code (PaC) concepts/tools

• Experience with change and incident management practices in medium to large enterprise environments.

• Knowledge and understanding of Splunk and/or Google Chronicle.

• Security certifications such as Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or equivalent.

• Microsoft Azure and/or Google Cloud Certifications.

• Knowledge and understanding of CIS and NIST Cybersecurity frameworks.

• Experience with Agile Scrum or Kanban methodologies.

Job Expectations:

• Leveraging your deep expertise in writing RQL queries to implement new policies to check for cloud resource misconfiguration/configuration drift. 
• Ability to efficiently transform Information Security requirements into Prisma Cloud Enterprise policies – both net new policy “creation”/development, as well as policy modifications/update. 
• Implement changes to support the remediation or “burn down” of alerts/finding from Prisma Cloud Enterprise scanning.
• Be a motivated self-starter, quick to adapt and stay focused on delivering results in a fast-paced environment with aggressive deadlines. 
• Working effectively with a virtual Team consisting of members across various locations in the U.S. and India. 

Posting End Date: 

*Job posting may come down early due to volume of applicants.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.