About this role:

About the Role

Wells Fargo is seeking a Lead Information Security Engineer for our Inbound Web Application Security (iWAS) team that safeguards the public edge for enterprise web assets—including wellsfargo.com - against sophisticated Layer‑7 (application-layer) attacks. The team leverages a modern, hybrid control plane spanning SaaS providers to protect critical web applications. You will design and operate Layer‑7 DDoS protections, implement and tune WAF policies and signatures, apply bot management/mitigation, and enforce API security and rate limiting to preserve availability, integrity, and performance.

This role is hands-on and customer‑facing with partner application teams. You’ll work to provide security for apps, with a particular emphasis on minimizing false positives/negatives, applying virtual patches, and accelerating onboarding/offboarding for protected applications.

What You’ll Do

• Lead incident response for moderately complex events affecting public web applications, with emphasis on Layer‑7 attack detection, triage, containment, and recovery.
• Provide security consulting to internal application stakeholders, ensuring conformance with enterprise security policies and standards.
• Design, document, test, and maintain security controls for web applications at the edge.
• Engineer, deploy, and tune WAF policies/signatures (e.g., cross‑site scripting, injection, protocol anomalies), bot detection/mitigation, API protection (rate limiting, schema/behavior enforcement), and Layer‑7 DDoS defenses.
• Implement and refine rate limiting for web and API endpoints to ensure resiliency, performance, and abuse prevention.
• Review and correlate security logs and telemetry across edge providers and on‑prem platforms; distinguish real attacks from false positives.
• Apply industry best practices in availability, integrity, confidentiality, risk management, threat modeling, monitoring, incident response, access management, and business continuity.
• Collaborate across security engineering, networking, application owners, and operations to resolve issues and achieve shared goals.
• Support application onboarding/offboarding to the SaaS providers, using knowledge of DNS, WAF, L7 DDoS, bot policies, and GLB/routing considerations.

Required Qualifications

• 5+ years of Information Security Engineering experience, or equivalent (work experience, training, military, education)
• 2+ years in-depth knowledge and troubleshooting of HTTP-based web applications
• 5+ years implementing WAF signatures or virtual patches
• 5+ years hands-on with enterprise scale Web Application Firewalls
• 2+ years intermediate to advanced scripting/automation (e.g., Bash, Ansible playbook/role development, PowerShell, Python)
• 2+ years advanced understanding of network concepts (DNS, firewalls, load balancing)
• 1+ year change and incident management in medium/large enterprise environments
• 1+ year with Agile methodologies (Scrum or Kanban)
• 1+ year basic understanding of TLS, certificates, and mTLS authentication

Desired Qualifications

• Strong verbal, written, and interpersonal communication skills
• Deep WAF concepts knowledge and hands‑on policy engineering
• Demonstrated experience tuning false positives/false negatives, including custom rules and exceptions
• Practical knowledge of data and perimeter security (firewalls, IDS/IPS) and network protocols
• Understanding of network security architectures and standards development
• Familiarity with web security signatures, web firewall policy design, and global load balancing strategies
• Experience with bot mitigation strategies and API security (e.g., endpoint discovery, authentication/authorization patterns, schema validation, rate limiting)

• Experience with application onboarding/offboarding to edge/WAF protection stacks
• Exposure to Information Security frameworks/standards (FFIEC, NIST, ISO)
• Hands‑on Saas/web application security configuration at scale
• Experience protecting large consumer web properties (e.g., high‑traffic, high‑visibility domains)
• Applied protections against cross‑site scripting, injection, and common OWASP Top 10 issues
• Comfort explaining OSI stack layers, especially the difference between network‑layer DDoS (L3/L4) and application‑layer DDoS (L7)

Job Expectations

• Hybrid work schedule
• Relocation assistance: Not available
• Visa sponsorship: Not available for this role

Locations:

• 1525 W. WT Harris Blvd, Charlotte, NC
• 401 Las Colinas Blvd, Irving, TX
• 2600 S. Price Road, Chandler, AZ

Posting End Date:

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.