Information Security Engineering Manager - IAM
Wells Fargo · Charlotte, NC · 6 days ago
Engineering$119k–$187k/yrFull-time
About This Role
Wells Fargo is seeking an Information Security Engineering Manager to lead a Privileged Access Management (PAM) engineering organization. This role is responsible for securing, modernizing, and evolving enterprise privileged access capabilities, including credential vaulting, secrets management, session control, and least-privilege enforcement. The manager will oversee risk reduction related to privileged identities while driving automation, DevSecOps integration, and standardized access patterns.
In This Role, You Will
- Provide strategic leadership for the Privileged Access Management (PAM) platform, defining vision, roadmaps, and long-term evolution for credential vaulting, session management, secrets management, and least-privilege access across the enterprise.
- Lead teams responsible for securing privileged credentials and access paths, including account onboarding, rotation, session isolation, and policy enforcement for human and non-human identities.
- Drive modernization of PAM capabilities, transitioning from legacy, manually managed access models to automated, policy-driven, and API-integrated solutions aligned with Zero Trust principles.
- Guide adoption of DevSecOps and automation patterns for privileged access, including CI/CD integrations, secrets delivery, ephemeral credentials, and infrastructure-as-code enablement.
- Oversee vulnerability reduction and risk mitigation related to privileged access, including elimination of hard-coded credentials, shared accounts, excessive entitlements, and standing access.
- Partner closely with security architecture, IAM, cloud, infrastructure, and application teams to embed privileged access controls into platforms, pipelines, and operating models.
- Serve as a subject matter expert in PAM technologies and best practices, staying current on emerging threats, access models, and platform capabilities.
- Lead technical investigation and response for privileged access-related incidents, including root cause analysis and remediation recommendations to prevent recurrence.
- Ensure PAM controls support availability, confidentiality, integrity, access governance, monitoring, and incident response, while enabling business agility and developer productivity.
- Mentor, develop, and retain engineering talent, building strong technical depth and leadership capability within the PAM organization.
- Apply strong technical judgment when validating and integrating AI-assisted outputs into solutions.
- Understand and account for model limitations, security risks, and operational considerations.
- Ensure AI usage aligns with security, compliance, privacy, and ethical standards.
Required Qualifications
- 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
- 2+ years of Leadership experience
Desired Qualifications
- Experience with CyberArk credential management system
- Experience with Agentic AI identity frameworks like SPIFFE and SPIRE
- Experience managing and developing high-performing Agile teams focused on Privileged Access Management, identity platforms, and security engineering solutions
- Hands-on understanding of Kubernetes and cloud-native environments from a privileged access perspective, including workload identity, service accounts, secrets distribution, and container access controls
- Proficiency with cloud and hybrid architectures requiring secure privileged access, including integration with cloud IAM, secrets management platforms, and enterprise PAM tooling
- Experience leading modernization of privileged access for legacy and home-grown systems, including removal of hard-coded credentials, reduction of shared accounts, and elimination of standing access
- Track record of transformation leadership to establish new privileged access patterns, operating models, and Zero Trust-aligned controls across the enterprise
- Expertise in automation and CI/CD enablement for PAM, including policy-as-code, secrets management, credential rotation, and integration across on-prem and cloud environments
Job Expectations
- Ability to work on-site in one of the listed locations in a hybrid environment. There is no option for fully remote work
- This position is not available for visa sponsorship
Pay Range
$119,000.00 - $187,000.00
Benefits
- Health benefits
- 401(k) Plan
- Paid time off
- Disability benefits
- Life insurance, critical illness insurance, and accident insurance
- Parental leave
- Critical caregiving leave
- Discounts and savings
- Commuter benefits
- Tuition reimbursement
- Scholarships for dependent children
- Adoption reimbursement
Posting End Date
14 Jul 2026