Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application.
At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.
Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.
Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.
Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.
Our Enterprise Information Security team is looking for a strong cyber security professional to join our Offensive Security Research Team.
The Validation Testing Team formed in 2017, and was given the mission of validating the remediation efforts of the company to address Offensive Security Research Team (OSRT) findings. The tester uses the information in the original report to duplicate environment and circumstances that led to the original finding. They then evaluate the results of their efforts and produce a Validation Report. The testers must be able to understand and interpret the original test plan and narrative and must further be able to document, explain, and present their validation test results. This requires a deep understanding of both a broad range of application security issues but also across an extremely broad range of technologies, stacks and attack/defense strategies, deep experience in red teaming, exploit development, and kill chains. This position will also provide peer feedback on validation tests conducted by other members of the team, checking them for technical continuity and completeness. The role requires strong interpersonal communication skills alongside deep technical knowledge, which can translate to a wide variety of audiences.
- 6+ months of experience in one or a combination of the following offensive security trade craft(s): penetration testing, malware reverse engineering, white hat hacking, lock-picking, zero day, CBEST Framework, or social engineering demonstrated through work or military experience; or BS/BA degree or higher in Information Technology or Information Security
- 1 + years of executing ethical penetration testing including exploitation and post-exploitation experience
- Successful completion of one or a combination of the following offensive security certification program(s): Offensive Security Certified Expert (OSCP), Offensive Security Certified Professional (OSCE), Exploit Researcher and Advanced Penetration Tester (GXPN), or CREST
- Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
- Security engineering experience that includes knowledge and understanding of recent research and industrial advances in one or more of the following areas: computer and communication networks, cyber security threat detection, cyber security experimentation and testing, innovative research in cyber security, physical security controls and their weaknesses, debugging, hardware and device hacking, or electronics security
- Knowledge and understanding of Python, Ruby, PowerShell, and Shell scripting
- Ability to handle confidential material in a professional manner
Other Desired Qualifications
Comprehensive understanding of recent research and industry advances in the following areas: Computer and communication networks, Cyber security threat detection, Cyber security experimentation/testing, and Assembly.
- Ability to travel up to 5% of the time
All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.
Relevant military experience is considered for veterans and transitioning service men and women.
Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.
Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.