Lead Information Security Engineer - Phishing Mitigation

Job Description

Wells Fargo is seeking a Lead Information Security Engineer in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com.

The ideal candidate will have a well-rounded background in incident response, threat detection, phishing, and cybercrime. The ideal candidate will have experience in conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs) with an emphasis on phishing and/or cybercrime. The candidate should have some experience with data analytic techniques, including machine learning, statistics and data mining to solve core business challenges. Additionally, the candidate should have a solid understanding of endpoint/network defenses and security incident response. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, Cyber Threat Forensics, and Offensive Security teams will be critical to
success. Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and concluding a security incident. The candidate will also play a major role in our phishing disruption efforts, including creation of new logic and procedures to identify phishing attacks impacting Wells Fargo customers and employees.

Key Responsibilities:

• Lead or participate in computer security incident response activities for moderately complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
• Lead a team to achieve objectives

Required Qualifications:

• 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

• 3+ years of experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
• 3+ years of information technology applications and systems experience
• 3+ years of technical documentation and publication experience
• 1+ year of Splunk experience

Desired Qualifications:

• Experience resolving and working through escalated and complex issues
• Experience overseeing development of counter-measure strategies and tactics to offset emerging and evolving external threats from malware/viruses, phishing, pharming and other social engineering schemes
• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
• 3+ years of malware reverse engineering experience
• Experience working in a large enterprise environment
• Knowledge and understanding of financial crimes investigation
• Knowledge and understanding of banking or financial services industry
• 3+ years of experience managing cybercrime detection, investigation, and intelligence strategies
• Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
• Experience with host and/or network log analysis as applied to incident response / threat hunting
• Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
• Strong ability to identify anomalous behavior on endpoint devices and/or network communications
• Strong experience in operating system and application security hardening and best practices
• Strong investigative mindset with an attention to detail
• Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
• Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
• Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.

Pay Range
 

Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities.

$119,000.00 - $224,000.00

Posting End Date:

27 Apr 2026

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

 

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.