What are the responsibilities and job description for the Senior Information Security Engineer position at Wells Fargo?
Title: Senior Information Security Engineer
Location: 1525 W WT Harris Blvd Charlotte, NC
Alternate Locations: Chandler, AZ or McLean, VA
Duration: 18 months
Work Engagement: W2
Work Schedule: 3 days in office/2 days remote
Benefits on offer for this contract position: Health Insurance, Life insurance, 401K and Voluntary Benefits
Summary:
We are seeking a Senior Information Security Engineer to join the Threat Disruptions team within the Advanced Operational Services (AOS) organization. This role focuses on identifying, analyzing, and disrupting cyber threats—particularly phishing campaigns—targeting Wells Fargo customers, employees, and brand.
The ideal candidate will have strong hands-on experience with Splunk, cyber threat detection, and incident response, along with the ability to conduct detailed log analysis and security investigations in a fast-paced environment.
Responsibilities:
Review, analyze, and correlate security logs across multiple platforms using Splunk
Conduct advanced searches in Splunk to identify indicators of compromise and malicious activity
Play a major role in phishing disruption efforts, including:
Developing new detection logic, rules, and procedures
Identifying phishing attacks impacting customers and employees
Lead or participate in computer security incident response for moderately complex incidents
Perform technical investigations and post-incident digital forensics to determine root cause and recommend mitigation strategies
Provide security consulting to internal partners to ensure compliance with corporate information security policies and standards
Design, document, test, maintain, and troubleshoot moderately complex security solutions across:
Networking, cryptography, cloud security
Authentication and directory services
Email, internet, application, and endpoint security
Apply industry best practices and subject matter expertise to support:
Threat identification, monitoring, and modeling
Incident response, access management, risk management, and business continuity
Identify security vulnerabilities, perform risk assessments, and evaluate remediation options
Collaborate with peers, managers, and cross-functional partners to resolve issues and achieve security objectives
Qualifications:
Applicants must be authorized to work for ANY employer in the U.S. This position is not eligible for visa sponsorship.
Experience in Information Security Engineering or equivalent
Knowledge of phishing threats, general cybersecurity principles, and threat detection
Hands-on experience conducting log analysis and searches in Splunk
Ability to investigate and respond to security incidents
Advanced technical skills in information security
Experience detecting and mitigating phishing attacks targeting employees and corporate brands
Experience creating regular expressions (Regex) and YARA rules (preferred)
Ability to manage complex issues and develop effective solutions
Experience with one or more of the following:
Information security monitoring
Incident response
Vulnerability management
Host and/or network forensics
Cyber-crime investigations
Domain-based Message Authentication, Reporting and Conformance (DMARC)
Cyber threat intelligence
Hands-on experience with enterprise security tools, including:
SIEM platforms
IDS/IPS
Endpoint security solutions
Email and web security gateways
Experience with host and/or network log analysis for incident response and threat hunting
Knowledge of offensive security and the ability to think like an adversary
Strong experience with operating system and application security hardening best practices
Strong investigative mindset with attention to detail
Advanced problem-solving skills with the ability to develop long-term solutions
Ability to perform effectively in a fast-paced, high-demand environment while managing multiple priorities
GIAC or other relevant security certifications (preferred)