Cyber Security Research Scientist – Offensive Security Research Team

Wells Fargo
Published
July 20, 2021
Location
San Antonio, TX
Category
Job Type

Description

Job Description

Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message.  In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application. 

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.

Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.

Information Cyber Security’s (ICS) vision is to provide Wells Fargo world leading cyber security risk management. Through a framework that addresses policy, process, operations, people, and technology, ICS protects Wells Fargo’s infrastructure, corporate data, and customer assets, and ensures alignment with applicable regulations and laws.  ICS is part of Wells Fargo's Technology organization and is led by the Chief Information Security Officer.

Other locations may be considered. Our Enterprise Information Security team is looking for a strong cyber security professional to join our Offensive Security Research Team (Red Team). This role will involve the use of automated attack platforms, both off the shelf (Safebreach, AttackIQ, Verodin, Atomic Red Team, etc.) and in-house developed, to create sustained repeatable tests within the bank environment using a variety of scripting languages and techniques. The position involves collaborating with other members of the research team to turn proof-of-concept code and ideas into stable, automated tools that can be integrated into the monitoring environment. Management and support of Red Team Lab Infrastructure both on premises and off, to include server deployment, DNS management. This position will help provision the various resources used by the Red Team to execute their operations and testing. It will also be responsible for taking in-house developed tools and operationalizing them for the benefit of the bank. This position will develop creative ways to capture data and display in dashboards using tools like Influxdb, Grafana, the ELK stack, and others. This team member must be able to utilize complex hacking tools, create proof of concept exploits, and document attack chains so they can be re-created and defensive tactics developed for them.  This position reports to the Cyber Threat Management and works closely with our defense partners in a purple team capacity.

Responsibilities:

  • Provide support to Red Team Operations
  • Identify and pursue automation opportunities
  • Collect and present data from automated testing
  • Share the knowledge you learn through presentation opportunities
  • Be an evangelist for automated testing capabilities
  • Validation Testing
  • Assist in the development of custom offensive security tools
  • Manage Red Team Infrastructure
     

Required Qualifications

  • 6+ months of experience in one or a combination of the following offensive security trade craft(s): penetration testing, malware reverse engineering, white hat hacking, lock-picking, zero day, CBEST Framework, or social engineering demonstrated through work or military experience; or BS/BA degree or higher in Information Technology or Information Security
  • 2+ years of experience with automation using PowerShell, Bash, or Python
  • 2+ years of experience engineering and analyzing operating systems such as Windows or Unix

Desired Qualifications

  • Successful completion of one or a combination of the following offensive security certification program(s): Offensive Security Certified Expert (OSCP), Offensive Security Certified Professional (OSCE), Exploit Researcher and Advanced Penetration Tester (GXPN), or CREST
  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
  • Security engineering experience that includes knowledge and understanding of recent research and industrial advances in one or more of the following areas: computer and communication networks, cyber security threat detection, cyber security experimentation and testing, innovative research in cyber security, physical security controls and their weaknesses, debugging, hardware and device hacking, or electronics security
  • Ability to handle confidential material in a professional manner
  • Experience working in a large enterprise environment
  • Knowledge and understanding of system/application architecture and design concepts
  • Ability to present complex material in a digestible, consumable manner to all levels of management

Other Desired Qualifications

  • 1+ year experience with Ansible, Terraform or similar automation tools.
  • Experience with cloud infrastructure
  • Experience following through with findings and working with the Blue Team to develop detection and mitigation strategies.
  • Ability to understand published exploits so they can be automated
  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
  • Demonstrates issue resolution and negotiation skills; 
  • Understanding of recent research and industry advances in the following areas:  Computer and communication networks, Cyber security threat detection, Cyber security experimentation/testing, and Assembly.
  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC/SANS)  or Cloud Certifications.
  • Managing virtual host at an enterprise level.

Job Expectations

  • Ability to travel up to 5% of the time

Street Address

NC-Charlotte: 401 S Tryon St - Charlotte, NC
NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC
NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC
VA-Glen Allen: 4340 Innslake Dr - Glen Allen, VA
NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC
AZ-Chandler: 2600 S Price Rd - Chandler, AZ
AZ-PHX-Central Phoenix: 100 W Washington St - Phoenix, AZ
AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ
AZ-Tempe: 1305 W 23rd St - Tempe, AZ
TX-Plano: 4975 Preston Park Blvd - Plano, TX
TX-Irving: 2975 Regent Blvd - Irving, TX
MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN
MN-Minneapolis: 600 S 4th St - Minneapolis, MN
MN-Minneapolis: 425 E Hennepin Ave - Minneapolis, MN
MN-Saint Louis Park: 600 Highway 169 S - Saint Louis Park, MN
IA-Des Moines: 800 Walnut St - Des Moines, IA
MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO
TX-San Antonio: 4101 Wiseman Blvd - San Antonio, TX
DC-Washington: 1700 K Street NorthWest - Washington, DC
PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA
IL-Chicago: 10 S Wacker Drive - Chicago, IL
CA-SF-Financial District: 333 Market St - San Francisco, CA
MA-Boston: 125 High Street - Boston, MA
NY-New York: 150 E 42nd St - New York, NY

Disclaimer

    All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.



    Relevant military experience is considered for veterans and transitioning service men and women.

    Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Benefits Summary

Benefits
 

Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.

Apply
Drop files here browse files ...

Related Jobs

Licensed Massage Therapist   Bergheim, TX new
July 24, 2021
Licensed Massage Therapist   Marion, TX new
July 24, 2021
Licensed Massage Therapist   Bulverde, TX new
July 24, 2021
Licensed Massage Therapist   Macdona, TX new
July 24, 2021
Veterinary Technician - 001028   San Antonio, TX new
July 24, 2021

Author: