APPLICANTS WITH DISABILITIES

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .

WELLS FARGO RECRUITMENT AND HIRING REQUIREMENTS:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process

Required Qualifications

• 5+ years of experience in information security, including 2+ years of direct experience in cloud IAM on GCP and Azure platforms demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of experience in cloud native IAM constructs: custom roles, service accounts, workload identity federation and Privilege Identity Management (PIM).
• Experience supporting access policy development and remediation strategies in large-scale, multi-cloud environments.
• Familiarity with CIEM, CSPM or IAM governance tools, e.g., Sonrai, Saviynt, Prisma Cloud, SailPoint, Azure PIM, GCP IAM recommender.
• Exposure to security operations workflows, audit log analysis, and ticketing/remediation processes.
• Strong communication and documentation skills; ability to explain complex access risks to technical and non-technical audiences

Preferred Qualifications:

• Proficiency in Python, PowerShell or other scripting tools used for automation in cloud environments
• Experience working with SOAR platforms, particularly Splunk or Cortex XSOAR
• Understanding of enterprise control frameworks (e.g. NIST 800-53, CIS Benchmarks, ISO 27001)
• Familiarity with cloud onboarding and entitlement risk scoring models
• Prior experience supporting internal and external audit and regulatory reviews

Wells Fargo is seeking a Lead Information Security Engineer for the Cyber Security Engineering team. This role will focus on cloud IAM monitoring and analysis

In this role, you will:

• Lead cloud IAM analysis and implementation efforts across GCP and Azure, with a focus on service accounts, workload identity federation, role management and conditional access policies.
• Support the design, review, and governance of identity-related policies to enforce least privilege, prevent privilege escalation, and reduce stale or unused entitlements.
• Partner with engineering team to triage and tune identity alerts using data from CIEM tools (e.g., Sonrai) and native cloud audit logs.
• Collaborate with cybersecurity operations to support automated remediation workflows, ticket generation, and integration with SIEM/SOAR platforms like Splunk and Cortex.
• Contribute to documentation efforts and internal audit engagements related to cloud access, control coverage and framework alignment
• Identify gaps in cloud identity lifecycle and propose improvements to entitlement governance processes and cloud onboarding practices
• Provide technical expertise to cross-functional stakeholders including Cloud Security, Identity Governance and Engineering teams.

Required Qualifications

• 5+ years of experience in information security, including 2+ years of direct experience in cloud IAM on GCP and Azure platforms demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of experience in cloud native IAM constructs: custom roles, service accounts, workload identity federation and Privilege Identity Management (PIM).
• Experience supporting access policy development and remediation strategies in large-scale, multi-cloud environments.
• Familiarity with CIEM, CSPM or IAM governance tools, e.g., Sonrai, Saviynt, Prisma Cloud, SailPoint, Azure PIM, GCP IAM recommender.
• Exposure to security operations workflows, audit log analysis, and ticketing/remediation processes.
• Strong communication and documentation skills; ability to explain complex access risks to technical and non-technical audiences.

Preferred Qualifications:

• Proficiency in Python, PowerShell or other scripting tools used for automation in cloud environments
• Experience working with SOAR platforms, particularly Splunk or Cortex XSOAR
• Understanding of enterprise control frameworks (e.g. NIST 800-53, CIS Benchmarks, ISO 27001)
• Familiarity with cloud onboarding and entitlement risk scoring models
• Prior experience supporting internal and external audit and regulatory reviews.

Preferred Certifications:

• ISC2 Certified Cloud Security Professional
• Certificate of Cloud Security Knowledge (CCSK)
• Cloud Certifications (GCP, Azure and/or AWS)
• ISC2 Certified Information Systems Security Professional (CISSP)

Job Expectations:

• Ability to work on-site in a hybrid model in one of the locations listed on the job posting