Cyber Sec Research Strategist – Threat Hunt Automation

Job Description

Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message.  In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application.

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.

Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.

Responsibilities:

  • Highly technical role managing the design of advanced threat hunting strategy.
  • Creating methodologies using statistics to automatically find threats.
  • Create visibility (signal improvement; false negatives) via big data tools, cyber security tools, machine learning, math and statistics, and a broad set of technologies in a large enterprise environment.
  • Automation, APIs, incident response, threat hunting, and a wide range of cyber security solutions are important to this role, especially experience with these at enormous scale.

Salary range is determined by location of the job.

The salary range displayed below is based on a full-time, 40-hour-a-week schedule:

Area 000: MIN $160,400 MID $229,200 MAX $298,000 
Area 001: MIN $147,100 MID $210,100 MAX $273,100 
Area 002: MIN $133,700 MID $191,000 MAX $248,300 

1740 Lincoln Denver CO (area 2)

1700 Lincoln St Denver CO (area 2)

8980 E Hampden Denver CO (area 2)

1100 Abernathy Road Atlanta GA (area 2)

1750 H St NW Washington DC (area 1)

2222 W Rose Garden Ln Phoenix AZ (area 2)

333 Market St San Francisco CA (area 0)

800 S Jordan Creek Pkwy West Des Moines IA (area 2)

10 S Wacker Drive Chicago IL (area 1)

150 E 42nd St New York NY (area 0)

550 South 4th St Minneapolis MN (area 2)

125 High Street Boston MA (area 0)

333 S Grand Avenue Los Angeles CA (area 1)

707 Wilshire Blvd Los Angeles CA (area 1)

1445 Ross Ave Dallas TX (area 2)

1300 Sw 5th Ave Portland OR (area 2)

260 Charles Lindbergh Dr Salt Lake City UT (area 2)

1525 W Wt Harris Blvd Charlotte NC (area 2)

3579 Atlanta Ave Atlanta GA (area 2)

7119 Forest Hill Ave Richmond VA (area 2)

4101 Wiseman Blvd San Antonio TX (area 2)

1100 Corporate Center Dr Raleigh NC (area 2)

809 W 4 1/2 St Winston Salem NC (area 2)

171 17th St Nw Atlanta GA (area 2)

1 N Jefferson Ave Saint Louis MO (area 2)

101 N Independence Mall E Philadelphia PA (area 1)

1800 Century Park E Los Angeles CA (area 1)

May be considered for Annual Discretionary Bonus Plan – Target 20% 

Required Qualifications

  • 10+ years of Information Security experience, including infrastructure, application development security and architecture
  • 5+ years of information security risk assessment experience
  • 5+ years of experience working with multiple security domains (network, application security, threat intelligence and data analytics)
  • 5+ years of Security Information and Event Management (SIEM/SIM/SEM) experience
  • 3+ years of cyber security incidents and events investigation experience
  • 5+ years of Incident Response Protocols and Tools experience
  • 3+ years of DPI (Deep Packet Inspection) experience
  • 3+ years of digital forensics, security analytics experience, or a combination of both, including incident response
  • 1+ year of Endpoint Detection and Response (EDR) experience

Desired Qualifications

  • Thorough understanding of security principles and their application in an enterprise IT environment
  • Experience with global regulatory requirements that may impact security (EU Privacy)
  • Knowledge and understanding of one or more standard security related frameworks (NIST-Cyber, CoBIT, ISO)
  • Strong analytical, critical thinking and problem solving skills
  • Ability to effectively communicate to both technical and non-technical audiences
  • One or more security certifications (CISSP, GIAC, CISM, CEH)
  • Expertise in rapid development and deployment of new security solutions
  • Experience working in a large enterprise environment
  • Knowledge and understanding of malware reverse engineering including: code or behavior analysis for endpoints and the network
  • Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
  • Knowledge and understanding of banking or financial services industry
  • Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
  • Bilingual speaking, reading, and writing proficiency in Russian/English
  • Bilingual speaking, reading, and writing proficiency in Chinese (Cantonese)/English
  • Bilingual speaking, reading, and writing proficiency in Chinese (Mandarin)/English

Other Desired Qualifications

  • Knowledge and understanding of one or more standard security related frameworks (NIST-Cyber, CoBIT, ISO).
  • 5+ years of experience in one or a combination of the following: reporting, analytics, or modeling in an information security environment, information technology environment, or a combination of both.
  • 5+ years of experience with network security, endpoint security, or security threat vectors.
  • 8+ years of information security reporting and analysis experience.
  • Thorough understanding of security principles and their application in an enterprise IT environment
  • Experience consulting senior leadership with decisions related to business processes, security controls, policies and standards, regulations and investment prioritization with a focus on identifying emerging cyber security threats
  • Experience with interacting and briefing executives
  • Strong organizational skills and ability to handle many tasks simultaneously in a high-pressure environment with rapidly changing priorities and deadlines
  • Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
  • Experience with host-based and/or network-based forensics tools and techniques
  • Experience with host and/or network log analysis as applied to incident response / threat hunting
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
  • Strong ability to identify anomalous behavior on endpoint devices and/or network communications
  • Strong experience in operating system and application security hardening and best practices
  • Strong investigative mindset with an attention to detail
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
  • 5+ years of experience with full packet capture solutions.

Job Expectations

  • Ability to travel up to 5% of the time

Salary Information

To be determined

Street Address

CO-Denver: 1740 Lincoln – Denver, CO
CO-Denver: 1700 Lincoln St – Denver, CO
CO-Denver: 8980 E Hampden – Denver, CO
GA-Atlanta: 1100 Abernathy Road – Atlanta, GA
DC-Washington: 1750 H St Nw – Washington, DC
AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln – Phoenix, AZ
CA-SF-Financial District: 333 Market St – San Francisco, CA
IA-West Des Moines: 800 S Jordan Creek Pkwy – West Des Moines, IA
IL-Chicago: 10 S Wacker Drive – Chicago, IL
NY-New York: 150 E 42nd St – New York, NY
MN-Minneapolis: 550 South 4th St – Minneapolis, MN
MA-Boston: 125 High Street – Boston, MA
CA-LA-Downtown Los Angeles: 333 S Grand Avenue – Los Angeles, CA
CA-LA-Downtown Los Angeles: 707 Wilshire Blvd – Los Angeles, CA
TX-DAL-Downtown Dallas: 1445 Ross Ave – Dallas, TX
OR-Portland: 1300 Sw 5th Ave – Portland, OR
UT-Salt Lake City: 260 Charles Lindbergh Dr – Salt Lake City, UT
NC-Charlotte: 1525 W Wt Harris Blvd – Charlotte, NC
GA-Atlanta: 3579 Atlanta Ave – Atlanta, GA
VA-Richmond: 7119 Forest Hill Ave – Richmond, VA
TX-San Antonio: 4101 Wiseman Blvd – San Antonio, TX
NC-Raleigh: 1100 Corporate Center Dr – Raleigh, NC
NC-Winston Salem: 809 W 4 1/2 St – Winston Salem, NC
GA-Atlanta: 171 17th St Nw – Atlanta, GA
MO-Saint Louis: 1 N Jefferson Ave – Saint Louis, MO
PA-Philadelphia: 101 N Independence Mall E – Philadelphia, PA
CA-LA-Century City: 1800 Century Park E – Los Angeles, CA

Disclaimer

    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

    Relevant military experience is considered for veterans and transitioning service men and women.
    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Benefits Summary


Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.
