Application Penetration Testing Senior Manager
Wells Fargo · San Francisco, CA · 1 wk ago
Engineering$159k–$305k/yrFull-time
About This Role
Wells Fargo is seeking an Information Security Senior Manager for their Application Security Team. The role involves enhancing the security of Wells Fargo-developed applications through policies, processes, controls, and tools. The Senior Manager will lead a critical application penetration testing program, overseeing teams responsible for securing applications and reducing the risk of data breaches.
Responsibilities
- Manage and develop a geographically dispersed team of highly specialized individual contributors as they perform application penetration test assessments against a wide variety of technology systems and critical third parties.
- Evolve offensive capabilities in line with threats, cyber threat intelligence, and the technology strategy.
- Maintain an advanced awareness of current and evolving cyber threat tactics and techniques.
- Make decisions and resolve issues regarding changes to information security policy, standards, and procedures as needed for systems, applications, and tools.
- Set guidelines for compliance and risk management requirements for supported areas and work with other stakeholders to implement key risk initiatives.
- Advise more experienced leadership or executive management on issues with high, critical impact on the company.
- Represent the organization to regulators, industry groups, and governmental agencies.
- Manage, hire, and develop specialized application security penetration testers across platforms.
- Develop and guide a culture of talent development to meet business objectives and strategy.
- Manage relationships with third-party vendors and escalate any issues.
- Manage and develop application penetration testing assessment structure for AI and ML initiatives enterprise-wide.
- Apply foundational AI literacy by effectively using approved AI tools to support everyday work.
- Exercise sound judgment when interpreting and using AI-generated outputs.
- Understand basic AI limitations and appropriate use cases within daily workflows.
- Adhere to data privacy, security, and data handling standards when using AI tools.
- Use AI ethically and responsibly, in alignment with company policies and guidelines.
Requirements
- 7+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
- 3+ years of management or leadership experience.
- 3+ years of Penetration Testing Leadership experience.
- 1+ years of application security experience.
Desired Qualifications
- 3 + years of hands-on penetration testing experience.
- 2 + years of CI/CD integration experience.
- Experience assessing AI and ML systems.
- CISSP, CISM, GWAPT, GPEN, GXPN, GMOB, BSCP, or OSCP certification.
- Knowledge and understanding of information security practices and policies, including information security frameworks, standards, and best practices.