Senior Information Security Engineer

About this role:
Wells Fargo is seeking a Senior Information Security Engineer in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com.
Wells Fargo is seeking a Cybersecurity Engineer to support the Cyber Incident Management function within Cybersecurity. This mid-level role is responsible for coordinating and executing technical response actions during security events, supporting Incident Commanders, and helping drive timely triage, investigation, containment, and remediation of cybersecurity incidents. The Incident Handler acts as a hands-on security SME during active events, works closely with SOC/IR teams, threat intelligence, engineering partners, and business stakeholders, and contributes to the continual improvement of incident management processes, playbooks, and tooling.
In this role, you will:

• Lead or participate in computer security incident response activities for moderately complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

Incident Handling & Technical Execution

• Support incident response teams during security events, executing triage, investigation, containment, and recovery activities.
• Support the Incident Commander by providing technical analysis, work management, and communications.
• Utilize incident response tools (e.g., SIEM, SOAR, EDR, forensic utilities) to collect evidence and assess scope and impact.
• Document incident timelines, actions taken, and technical findings.

Operational Coordination & Communication

• Coordinate with SOC analysts, threat intelligence teams, platform owners, and business application partners as part of incident response efforts.
• Escalate issues appropriately based on severity, risk, and business impact.
• Communicate technical findings in clear, concise language to technical and non-technical stakeholders.
• Assist in drafting incident summaries, after-action reports, and metrics for leadership review.

Process, Playbooks & Continuous Improvement

• Contribute to the development, refinement, and maintenance of incident response playbooks, runbooks, and standard operating procedures.
• Identify opportunities to streamline or automate recurring incident handling tasks.
• Support lessons-learned activities and assist in driving corrective actions to reduce future risk.
• Help maintain operational readiness across the enterprise by ensuring accurate documentation, consistent workflows, and alignment with incident management governance.

Tooling & Technical Support

• Use case management platforms, workflow tools, and alert pipelines to manage and track incident tasks.
• Support improvements to detection and response capabilities by providing feedback to engineering and detection teams.
• Assist in onboarding enhancements to incident management tooling, dashboards, and automation.

Required Qualifications:

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• Practical experience in incident response, SOC operations, log analysis, or threat detection.
• Working knowledge of core IR technologies: SIEM, EDR, SOAR, ticketing/case management, and forensic tools.
• Familiarity with common attack vectors, malware behavior, network security principles, and threat actor TTPs.

Desired Qualifications:

• Understanding of incident response methodologies and frameworks such as NIST 800-61, MITRE ATT&CK, NIST CSF, or ISO standards.
• Hands-on experience with cloud, endpoint, identity, or network security technologies.
• Experience in highly regulated environments or large-scale enterprise operations.
• Exposure to scripting or automation (Python, PowerShell, SOAR playbooks).
• Relevant certifications (e.g., GCIH, GCIA, GCFE, Security+, CySA+, CEH)
• Strong analytical and troubleshooting skills with the ability to investigate complex technical issues under time pressure.
• Effective verbal and written communication skills, including ability to summarize technical concepts clearly.

Pay Range
Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities.
$100,000.00 - $196,000.00
Benefits
Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees.

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement

Posting End Date:
1 Feb 2026
* Job posting may come down early due to volume of applicants.
We Value Equal Opportunity
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.