Info Security Engineer Jobs Vacancy in Wells Fargo Bengaluru
Wells Fargo Bengaluru urgently required following position for Info Security Engineer. Please read this job advertisement carefully before apply. There are some qualifications, experience and skills requirement that the employers require. Does your career history fit these requirements? Ensure you understand the role you are applying for and that it is suited to your skills and qualifications.
Follow the online directions, complete all the necessary fields, and provide all relevant information so your application is submitted correctly. When you click the 'Apply this Job' button (open in new window) you will be taken to the online application form. Here you will be asked to provide personal and contact details, respond to employment-related questions, and show how you meet the key selection criteria.
Info Security Engineer Jobs Vacancy in Wells Fargo Bengaluru Jobs Details:
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $2.0 trillion in assets. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, insurance, investments, mortgage, and consumer and commercial finance through more than 8,500 locations, 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 42 countries and territories to support customers who conduct business in the global economy. With approximately 273,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 25 on Fortune’s 2017 rankings of America’s largest corporations. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. News, insights and perspectives from Wells Fargo are also available at Wells Fargo Stories.
Should have at least 4+ years of experience in security domain
Performing all of the following activities:
1. Performing application vulnerability assessments
2. Performing code review across a variety of programming languages
3. Worked on on-board application teams to security tools (SDElements and Threadfix)
4. Assist with installation and configuration of Fortify
3. Performing assessments of SDLC processes
4. Good to have knowledge of developing manual security testing scripts and procedures
5. Should have worked on commercial and open source security testing tools
6. Good to have knowledge in developing dashboard of findings along with exceptions like ThreadFix tool.
7. Other security-related projects/activities that may be assigned according to skills
1. Knowledge of security requirements in SDLC phases.
2. Strong ethics and understanding of ethics in business and information security
3. Proficient English language written and oral communication skills
4. Working knowledge of Java and .NET programming language to an extent of developing internet facing applications will be added advantage
5. Good to have Application threat modeling knowledge and experience
6. Knowledge of OWASP tools and methodologies
7. Expert in web application vulnerability assessment and penetration testing (manual and automated)
8. Must be able to perform manual and automated code reviews.
9. Good to have an excellent command over security testing tools and software like AppScan, Fortify, WebInspect, CoreImpact etc
10. Added Avantage if Possess current security certifications
11. Ability to present findings to technical staff and executives
12. Ability to complete tasks and deliver professionally written reports for business units
13. Knowledgeable with application security controls
14. Experience with testing, quality control review, or validation activities.
Roles and Responsibilities
Help drive application teams towards meeting security practice compliance deadlines.
Provide technical guidance, coaching, and mentoring to developers on discovering and remediating software coding security vulnerabilities.
Ensure strong progress through side-by-side work with app managers through key secure coding deliverables.
Analyze and provide management reporting on vulnerability detection, remediation and compliance trending.
Assist architects in secure software design.
Provide the Secure Software Group (SSG) in Enterprise Information Security (EIS) feedback on information security related processes, tools, and procedures.
Support SSG communication efforts with application teams.