Lead Systems Architect - Information Security

About this role:

Wells Fargo is seeking a Lead Systems Architect...

In this role, you will:

As a member of Information Security Architecture, a successful candidate will develop architectural solutions and controls intended to address emerging information security threats to applications, infrastructure, and computing devices integrated with the Wells Fargo environment. Activities will include but not necessarily limited to:

• Support Artificial Intelligence and Machine Learning (AI/ML) projects or products driven by our Line of Business (LOB) partners, provide strategic and architecture guidance and collaborate with teams on design and implementation of those projects or products.

• Identify gaps in security design review of AI/ML-based services, recommend new frameworks and approaches to address these gaps.

• Provide guidance on threat enumeration and mitigation specific to the AI/ML space to supplement existing threat modeling practice.

• Provide architectural support for product and vendor evaluations for AI/ML solutions while addressing relevant security threats.

• Create artifacts in the form of ArchSpecs, roadmaps, position papers, blueprints, and reference architectures.

• Collaboration with cross functional teams to identify the need for security solutions and the architectural requirements.

• Develop control solutions to address risks identified in security testing.

Required Qualifications:

• 5+ years of information technology systems design and planning experience; in systems, applications, or architecture
• 5 + years of information security architecture design and consulting experience
• An information security "generalist" with experience with information security technologies in different domains including: identity management and access control, application and database security, network and infrastructure security, and cryptographic algorithms and key management
• Knowledge of security controls for data storage on system, file shares and various databases.
• Understanding "Big Data" concepts and AI/ML tools, including security concepts of data masking, tokenization and synthetic data.
• Understand end to end application security vulnerabilities and exploitations, and mitigation controls, familiarity with general security standards, such as OWASP, NIST, ISO, CVE, X9
• Understanding of API based architecture, API security
• Knowledge of cloud-computing and the relevant security impacts. Experience with Azure, Google and AWS cloud platforms.
• Knowledge for securing modern applications running on VMs, containers, Kubernetes and leveraging APIs via microservices
• Understanding modern application development CI/CD pipeline, infrastructure as Code.
• Experience in conducting vulnerability tests of systems and/or code reviews.
• Have the demonstrated ability to quickly analyze an unfamiliar product or system, identifying and prioritizing threats and suggesting mitigating controls.

Desired Qualifications:

• Azure or GCP cloud certifications, Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP)
• Experience with threat assessment and modeling, risk management, and regulatory compliance in the financial industry. Understand current major threats and vulnerabilities facing the financial sector industry.
• Experience in communicating and presenting complex information to multiple levels of the organization.

@RWF22

Pay Range
$111,100.00 - $197,500.00 Annual
Benefits

• Information about Wells Fargo's employee benefits

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.