About this role:

Wells Fargo is seeking an Information Security Senior Manager in Cybersecurity as part of Identity Access Management. Learn more about career areas and business divisions at wellsfargojobs.com

This senior identity leader will be responsible for the secure design, operation, and evolution of large‑scale Active Directory, Microsoft Entra, and Linux authentication platforms.

This role is both a people leader and a hands‑on technical authority, managing a team of senior engineers and architects while owning the security architecture, resiliency, and operational integrity of the firm’s most critical identity infrastructure.

The role works in very close partnership with the Head of IAM Architecture, Head of IAM Engineering, and IAM Product Development and Support teams to ensure directory and authentication platforms are architected correctly, engineered securely, and operated reliably at enterprise scale.

In this role, you will:

Leadership & Team Management

• Lead and manage a team of directory services and authentication engineers and architects responsible for day‑to‑day platform design, implementation, and support.
• Set technical direction, architectural standards, and execution priorities for the team in alignment with enterprise IAM strategy.
• Ensure strong engineering discipline, documentation standards, and design review rigor across all directory and authentication initiatives.
• Act as an escalation point for complex architectural, security, and availability issues affecting identity platforms.
• Develop and mentor senior technical talent, building depth and succession within the directory and authentication domain.
  

Enterprise Active Directory Security Architecture

• Serve as the accountable design authority and platform owner for very large, security‑sensitive Active Directory environments.
• Define and govern forest and domain architecture, including trust models, isolation strategies, and blast‑radius containment.
• Own OU design, delegation models, administrative separation, and naming conventions.
• Establish and enforce Group Policy architecture and security baselines.
• Lead Active Directory security hardening, including privileged tiering, administrative isolation, and reduction of legacy exposure.
• Architect protections against credential theft, lateral movement, and domain compromise, ensuring alignment with modern threat models and regulatory expectations.

Microsoft Entra Architecture

• Own architecture for hybrid and cloud‑native identity, including integration between Active Directory and Microsoft Entra.
• Define synchronization, attribute governance, and source‑of‑authority models appropriate for enterprise scale.
• Ensure Entra architecture aligns with Zero Trust principles and enterprise access management standards.

Linux Authentication Platform Ownership

• Own the enterprise Linux authentication architecture and its integration with Active Directory and Microsoft Entra.
• Define secure, scalable patterns for centralized Linux authentication, authorization, and privilege enforcement.
• Ensure consistent authentication architecture across on‑prem, private cloud, and public cloud Linux environments.
• Partner with infrastructure and platform teams to standardize Linux authentication and reduce platform‑specific risk.

Resilience, Replication & Disaster Recovery

• Architect and own high availability and disaster recovery strategies for directory and authentication platforms.
• Define replication topology, site design, and failover patterns to meet enterprise RTO and RPO requirements.
• Ensure identity service continuity during cyber events, outages, and major infrastructure incidents.
• Participate in and lead resilience testing and recovery exercises related to identity infrastructure.

Platform Integration & Cross‑Team Collaboration

• Work very closely with the Head of IAM Architecture to ensure directory and authentication platforms align with enterprise identity standards and target‑state architecture.
• Partner with the Head of IAM Engineering to ensure architectural intent is translated into secure, reliable engineering implementation.
• Collaborate with IAM Product Development and Support teams to ensure authentication platforms meet product requirements, scale reliably, and are supportable in production.
• Define and govern integration patterns between Active Directory, Microsoft Entra, Linux authentication platforms, and downstream identity providers.
• Serve as the final architectural approver for changes impacting directory and authentication platforms.

Required Qualifications:

• 6+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of management or leadership experience
• 6+ years of experience designing, operating, and securing enterprise- level Active Directory environments

Desired Qualifications:

• Demonstrated experience owning Active Directory security architecture in a highly regulated enterprise.
• Proven people management experience leading senior engineering and platform teams.
• Deep hands‑on expertise with Microsoft Entra and hybrid identity architectures.
• Strong experience designing high availability, replication, and disaster recovery for identity platforms.
• Experience operating under regulatory, audit, and cyber‑resiliency scrutiny.
• Experience implementing privileged access isolation and admin forest models.
• Experience supporting Zero Trust identity architectures.
• Background in financial services or similarly regulated industries.
• Experience leading large‑scale identity or infrastructure modernization initiatives.

Locations:

• 401 Las Colinas Blvd W Bldg. A - Irving, TX 75039

• 194 S Wood Ave - Iselin, NJ 08830

Posting Statements:

• Job posting may come down early due to volume of applicants.

• Required location(s) listed above. Relocation assistance is not available for this position

• Salary range is determined by location of the job. May be considered for a discretionary bonus, Restricted Share Rights, or other long – term incentive awards.

• This position is not eligible for visa sponsorship

Pay Range

Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities.

Posting End Date:

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.