Info Security Engineer Info Security Engineer …

Wells Fargo
in Hyderabad, Andhra Pradesh, India
Permanent, Full time
Be the first to apply
Competitive
Wells Fargo
in Hyderabad, Andhra Pradesh, India
Permanent, Full time
Be the first to apply
Competitive
Info Security Engineer
Wells Fargo & Company (NYSE: WFC) is a leading global financial services company with $2.0 trillion in assets and offices in over 37 countries. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides asset management, capital raising and advisory, financing, foreign exchange, payments, risk management, and trade finance services to support customers who conduct business in the global economy. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We also value the viewpoints of our team members and encourage them to be their best. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Learn more at our International Careers website .

Market Job Description

About Enterprise Global Services:
Enterprise Global Services (EGS) enables global talent capabilities for Wells Fargo Bank NA., by supporting over half of Wells Fargo's business lines and staff functions across Technology, Operations, Risk Services and Knowledge Services. EGS operates in Hyderabad, Bengaluru and Chennai in India and in Manila, Philippines. Learn more about EGS at our International Careers website .

Department Overview
Enterprise Application Security Program is a part of Enterprise Information Security which Governs, Oversees and Enables incorporation of security practices into SDLC for Wells Fargo applications.

About the Role
This position is an Information Security Engineer 4 will perform an Individual contributor role in Enterprise Application Security Program (EASP) who needs to contribute to EASP practices from EGS.

Responsibilities:
  • Contribute to the Static Application Security Testing Stream (SAST), Deprecate Unsafe Functionality (DUF) practices from EGS and contribute to the EASP program.
  • Contribute to the Security Requirements stream and customize the Security Requirements generator tool like SD Elements as per Wells Fargo policies.
  • Contribute to security coding guidelines for different programming languages.
  • Understand the EASP program and its implementation across the organization and stay abreast with the changes to the program.
  • Enable the program by creating, on-boarding, maintaining and supporting EASP tools.
  • Suggest and execute changes to the program and implement the changes to the enabling tools.
  • Integrate with the state side leads to understand requirements and implement them in the practices and tools.
  • Develop and leverage the ability to execute any EASP stream and deliver as assigned from EGS.
  • Apply knowledge of information security and application development industry trends and technology to drive organizational change and position to properly manage and remediate vulnerabilities.
  • Coach junior team members in the team to understand and deliver based on the requirements of the program.

Essential Qualifications
  • 8+ years of Overall IT experience
  • 6+ years of application security Experience
  • 2+ years of experience with all or some of the following practices like Security Requirements, Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
  • Application Security Experience with ability to identify potential security issues in application architectures and provide mitigations for the same at requirements, design and coding levels.
  • Experience in SAST tools like Fortify and Checkmarx is a must.
  • Knowledge and experience in working with various application security tools and systems.
  • In-depth Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
  • Experience in drafting application security coding standards.
  • Good Knowledge in OWASP top 10, CWE/SANS top 25 is a must.
  • Expertise in Information Security Standards, Policies, Procedures and Controls.
  • Ability to automate using Python Scripting.
  • Application security experience with banking/financial services applications or large enterprise.
  • Ability to manage multiple priorities in a fast-paced dynamic environment.
  • Advanced problem solving skills, ability to develop effective long-term solutions to problems.
  • Excellent verbal and written communication skills
  • Excellent inter-personal skills contributing to cordial team environment.





Market Skills and Certifications

Desired Qualifications

  • Excellent verbal, written, and interpersonal communication skills
  • Experience working in a large enterprise environment
  • Strong analytical skills with high attention to detail and accuracy
  • Ability to work effectively, as well as independently, in a team environment
  • Strong organizational, multi-tasking, and prioritizing skills
  • Ability to meet time sensitive deadlines required
  • Ability to work collaboratively and build consensus is essential
  • Ability to make sound decisions and exercise good judgment
  • Ability to work and achieve goals without constant supervision
  • Ability to handle confidential material in a professional manner


We Value Diversity

At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.

Region

APAC
Close
Loading...