28 days old

Cyber Security Data Scientist - Wells Fargo

Des Moines

Important Note During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as “Personal Cell” or “Cellular” in the contact information of your application

At Wells Fargo, we want to satisfy our customers’ financial needs and help them succeed financially. We’re looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you’ll feel valued and inspired to contribute your unique skills and experience.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you

Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo’s more than 70 million global customers.

Our Information and Cyber Security team is looking for a senior cyber security engineer to join our Security Content Development (SCD) team. Duties include creating, improving, and delivering events of interest from both upstream security tools and big data solutions for the benefit of the cyber security teams. The ideal candidate will have extensive experience in network-focused forensics, incident response, and threat hunting utilizing both Deep Packet Inspection (i.e. full packet capture) and NetFlow solutions. The ideal candidate will additionally have a well-rounded background in endpoint/network defenses and security incident response, as well as some offensive security knowledge to allow the ability to think like an adversary. Polished verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and concluding a security incident. This role will be responsible for applying data sciences to big data using automated assessments. The candidate will also play a major role in our cyber threat hunt automation efforts, including creation of new models and procedures to identify anomalous network and/or endpoint behaviors. Threat hunting efforts will be focused primarily on identifying advanced threats that are not detected via traditional security tools. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, Threat Detection Services, and the Offensive Security Research Team will be critical to success. This position will help to provide crucial metrics associated with our ability to discover and react to security threats.

As a Team Member Manager, you are expected to achieve success by leading yourself, your team, and the business. Specifically you will

  • Lead your team with integrity and create an environment where your team members feel included, valued, and supported to do work that energizes them.
  • Accomplish management responsibilities which include sourcing and hiring talented team members, providing ongoing coaching and feedback, recognizing and developing team members, identifying and managing risks, and completing daily management tasks.

Requirements

Required Qualifications

  • 10+ years of information security applications and systems experience
  • 5+ years of Incident Response Protocols and Tools experience
  • 5+ years of Security Information and Event Management (SIEM/SIM/SEM) experience
  • 5 + years of experience with network security, endpoint security, or security threat vectors
  • 3+ years of Incident Management System experience
  • 3+ years of DPI (Deep Packet Inspection) experience
  • 2 + years of Regular Expression (regex) experience

Desired Qualifications

  • Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices
  • Ability to manage highly complex issues and negotiate solutions
  • Excellent verbal and written communication skills
  • Ability to interact and communicate effectively with all levels of an organization; including at the executive level
  • Knowledge and understanding of malware reverse engineering including code or behavior analysis for endpoints and the network
  • Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
  • Experience working in a large enterprise environment
  • Knowledge and understanding of banking or financial services industry
  • Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
  • Experience analyzing large data sets
  • Python experience

Other Desired Qualifications

  • Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
  • Experience with host-based and/or network-based forensics tools and techniques
  • Experience with host and/or network log analysis as applied to incident response / threat hunting
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
  • Strong ability to identify anomalous behavior on endpoint devices and/or network communications
  • Strong experience in operating system and application security hardening and best practices
  • Strong investigative mindset with an attention to detail
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Certifications in one or more of the following Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc), or other relevant certifications.
  • 3+ years of experience with full packet capture solutions.
  • Elastic Search experience

Categories

Posted: 2019-12-20 Expires: 2020-02-18

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Security Data Scientist - Wells Fargo

Wells Fargo
Des Moines

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast