Wells Fargo & Company (NYSE: WFC) is a leading global financial services company with $2.0 trillion in assets and offices in over 37 countries. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides asset management, capital raising and advisory, financing, foreign exchange, payments, risk management, and trade finance services to support customers who conduct business in the global economy. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We also value the viewpoints of our team members and encourage them to be their best. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Learn more at our International Careers website.
Market Job Description
About Enterprise Global Services
Enterprise Global Services (EGS) enables global talent capabilities for Wells Fargo Bank NA., by supporting over half of Wells Fargo's business lines and staff functions across Technology, Business Services, Risk Services and Knowledge Services. EGS operates in Hyderabad, Bengaluru and Chennai in India and in Manila, Philippines. Learn more about EGS at our International Careers website.
The CTO Business Services team across locations provides Governance Support across the Enterprise. CTO Business Services supports all the lines of Business across divisions of WF Home Lending, Wholesale Ops, Wealth & Investment Management (WIM), PVSI & Community banking.
You will work as part of the Application Security Governance Team making sure that all the Applications are following Secure coding practices across the Enterprise.
Performing application vulnerability assessments
Performing code review across a variety of programming languages
Worked on on-board application teams to security tools (SDElements and Threadfix)
Assist with installation and configuration of Fortify
Performing assessments of SDLC processes
Good to have knowledge of developing manual security testing scripts and procedures
Should have worked on commercial and open source security testing tools
Good to have knowledge in developing dashboard of findings along with exceptions like ThreadFix tool.
Other security-related projects/activities that may be assigned according to skills.
Should have at least 12+ years of experience in security domain
Knowledge of security requirements in SDLC phases.
Strong ethics and understanding of ethics in business and information security
Proficient English language written and oral communication skills
Working knowledge of Java and .NET programming language to an extent of developing internet facing applications will be added advantage
Good to have Application threat modeling knowledge and experience
Knowledge of OWASP tools and methodologies
Expert in web application vulnerability assessment and penetration testing (manual and automated)
Must be able to perform manual and automated code reviews.
Good to have an excellent command over security testing tools and software like AppScan, Fortify, WebInspect, CoreImpact etc
Added Advantage if Possess current security certifications
Ability to present findings to technical staff and executives
Ability to complete tasks and deliver professionally written reports for business units
Knowledgeable with application security controls
Experience with testing, quality control review, or validation activities.
Certification in Security Domain.
Market Skills and Certifications
12+ years of Overall IT experience
6+ years of application security Experience
4+ years of experience with all or some of the following practices like Security Requirements, Application Threat Modeling, Static Analysis, Application Security Risk Assessments, Security Design requirements.
SAST (Static Analysis Software Testing) experience with tools like Fortify and Checkmarx is a must.
Knowledge and experience in working with various application security tools and systems.
Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
Experience in drafting application security coding standards.
Knowledge and experience in identifying and suggesting mitigations to OWASP top 10, CWE/SANS top 25 to development teams.
Application security experience with banking/financial services applications.
Ability to manage multiple priorities in a fast-paced dynamic environment.
Advanced problem solving skills, ability to develop effective long-term solutions to problems.
Excellent verbal and written communication skills
Excellent inter-personal skills contributing to cordial team environment.
Knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices
Ability to manage highly complex issues and negotiate solutions
A Bachelor's degree or higher in information technology
Knowledge and understanding of Application security threat management and mitigation domain.
Knowledge and understanding of Information Security Tools Development Unix and Windows.
Knowledge and understanding of threat modeling and assessment of potential and current information security risk/threats.
Certified in Industry renowned certifications like CSSLP, CEH etc.,
We Value Diversity
At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate.
Internal Number: 48840BR
About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,400 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 260,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
www.wellsfargo.com | Twitter: @WellsFargo