Info Security Sr Engineer

Job Description

About Wells Fargo

Wells Fargo & Company (NYSE: WFC) is a leading global financial services company headquartered in San Francisco (United States). Wells Fargo has offices in over 20 countries and territories. Our business outside of the U.S. mostly focuses on providing banking services for large corporate, government and financial institution clients. We have worldwide expertise and services to help our customers improve earnings, manage risk, and develop opportunities in the global marketplace. Our global reach offers many opportunities for you to develop a career with Wells Fargo. Join our diverse and inclusive team where you will feel valued and inspired to contribute your unique skills and experience. We are looking for talented people who will put our customers at the center of everything we do. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Market Job Description

About Wells Fargo India

Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations.
Department Overview:
Wells Fargo views information & Cyber Security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, ICS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.
Information and Cyber Security’s (ICS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, ICS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws. ICS is part of Wells Fargo's Technology organization and is led by the Chief Information Security Officer.

About the Role:

ICS team is looking for a strong cyber security professional with experience or education in cyber intelligence, malware analysis, and malware reverse engineering for TDS (Evolving Threat Team). The candidate will also have experience partnering with cyber defenders to resolve identified capability gaps.
The role involves analyzing and evaluating malware samples to uncover patterns that can be operationalized to enhance existing detection capabilities. This also includes developing detailed reports on functionality of malware with associated IOCs and observations on the evolution of the capabilities of the malware.
The team member will need to have experience in conducting technical research and identifying methods to detect emerging cyber threats, providing malware indicators of compromise and indicators of attack to cyber defenders, and have a deep, technical understanding of evolving Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs).

Responsibilities

• The Sr engineer will be analyzing the malwares and performing reverse engineering on the malware.
• The Sr engineer will also be responsible to help and guide team in India, and work as SPOC for technical escalations.
• This role will require regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security teams will be critical to success.
• This role additionally involves exploit testing and researching exploit kits.
• This position will help to provide metrics associated with our ability to discover and react to security threats based on the evolving landscape.

Market Skills and Certifications

Essential Qualifications

• 10+ years of experience in Information Security Industry.
• 6+ years of experience in Security Information and Event Management (SIEM/SIM/SEM) experience, with exposure on incident response.
• 5+ years of strong experience in Malware Analysis and Reverse Engineering including: dynamic (using OllyDbg, X64DBG) and static analysis (using IDAPro, Ghidra) of a wide variety of malware (executables, exploits, scripts)
• Ability to identify and decode obfuscation techniques
• Ability to detect and bypass anti-analysis functionality in malware
• Experience in writing YARA and IDS signatures, Regular expressions and scripts
• Strong knowledge and experience of analyzing malware prevalent in the current threat landscape.
• Malware analysis certification (GREM, CREA)
• Knowledge on DPI (Deep Packet Inspection) experience
• Knowledge and understanding of banking or financial services industry
• Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and concluding a security incident.
• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
• Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
• Knowledge of offensive security, with the ability to think like an adversary when performing reverse engineering and responding to incidents

Desired Qualifications

• Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
• Experience with host and/or network log analysis as applied to incident response / threat hunting
• Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
• Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
• Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
• Bachelor’s and/or Master’s degree in computer science or information systems

We Value Diversity

At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate. 63728