OSRT: Cyber Sec Research Scientist 3

Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message.  In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application. 

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.

Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.

Since 1852, customers have trusted that Wells Fargo would keep their assets secure from theft and always available. Today, maintaining customer trust remains our underlying operating principle. 

Information Cyber Security’s (ICS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, ICS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws.  ICS is part of Wells Fargo's Technology organization and is led by the Chief Information Security Officer.

The Enterprise Information Security team is looking for a strong cyber security professional to join the Offensive Security Research Team (Red Team). This role will assess cloud based deployments for security gaps in configuration and implementation. Candidates should have a deep understanding of how data is stored, accessed, and managed in the cloud. This position is a senior role responsible for leading and executing security assessments from end to end. Opportunities will exist for contributing and collaborating on assessments of mission critical cloud deployments for enabling the day to day activities of a large enterprise at scale. The outputs of this role will directly impact the security posture of the enterprise cloud transition. This position reports to the Offensive Security Research Team and works closely with our defense partners in a purple team capacity.

Responsibilities:

• Assess security posture of cloud based deployments
• Clear and concise documentation of findings with ability to effectively communicate risks to business partners
• Research innovative ways to identify control gaps at scale
• Ability to emulate tactics, techniques and procedures utilized by real world threat actors
• Collaborate with other teams to identify problems and gaps that require new and unique solutions
• Ability to lead and mentor junior testers
• Share the knowledge you learn with other team members and partners
• Be an evangelist for the Offensive Security Research Team

• 5+ years of information security experience in converged testing (red teaming) demonstrated through work or military experience
• 1+ year of experience in network, social, and physical domains demonstrated through work or military experience
• 5+ years of experience in one or a combination of the following: creating proof of concepts, creating exploits, or reverse engineering demonstrated through work or military experience
• 2 + years of cloud computing experience
• 3+ years of experience with scripting languages such as Bash, PowerShell, Python, Shell, VBScript, or JavaScript

• Expert information security technical skills
• Proficient in working with systems, networks, and application vulnerability testing
• Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
• Knowledge or experience of containerization related management stacks with Docker, Swarm or Kubernetes
• Experience with RESTful API calls
• Experience working in a large enterprise environment
• Strong analytical skills with high attention to detail and accuracy
• Experience working with cloud security management or governance tools
• Experience working with cloud access security brokers

• Highly experienced with virtualized operating systems and cloud security best practices.
• Understanding of recent research and industry advances in Cyber security experimentation/testing.
• Certifications in one or more of the following: Global Information Assurance Certification (GIAC/SANS), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE), Cloud Provider Certifications (AWS, GCP, Azure).
   

• Ability to travel up to 15% of the time

NC-Charlotte: 401 S Tryon St - Charlotte, NC
NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC
NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC
VA-Glen Allen: 4340 Innslake Dr - Glen Allen, VA
TX-San Antonio: 4101 Wiseman Blvd - San Antonio, TX
DC-Washington: 1700 K Street NorthWest - Washington, DC
NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC
AZ-Chandler: 2600 S Price Rd - Chandler, AZ
AZ-PHX-Central Phoenix: 100 W Washington St - Phoenix, AZ
AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ
AZ-Tempe: 1305 W 23rd St - Tempe, AZ
TX-Plano: 4975 Preston Park Blvd - Plano, TX
TX-Irving: 2975 Regent Blvd - Irving, TX
MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN
MN-Minneapolis: 600 S 4th St - Minneapolis, MN
MN-Minneapolis: 425 E Hennepin Ave - Minneapolis, MN
MN-Saint Louis Park: 600 Highway 169 S - Saint Louis Park, MN
IA-Des Moines: 800 Walnut St - Des Moines, IA
MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO
PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA
IL-Chicago: 10 S Wacker Drive - Chicago, IL
CA-SF-Financial District: 333 Market St - San Francisco, CA
MA-Boston: 125 High Street - Boston, MA
NY-New York: 150 E 42nd St - New York, NY

• All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
  
  Relevant military experience is considered for veterans and transitioning service men and women.
  Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Benefits
 

Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.