Information Security Engineering Manager - IAM
About This Role
Wells Fargo is seeking an Information Security Engineering Manager to lead a Privileged Access Management (PAM) engineering organization. This role is responsible for securing, modernizing, and evolving enterprise privileged access capabilities, including credential vaulting, secrets management, session control, and least-privilege enforcement. The manager will oversee risk reduction related to privileged identities while driving automation, DevSecOps integration, and standardized access patterns.
In This Role
You will provide strategic leadership for the Privileged Access Management (PAM) platform, defining vision, roadmaps, and long-term evolution for credential vaulting, session management, secrets management, and least-privilege access across the enterprise. Lead teams responsible for securing privileged credentials and access paths, including account onboarding, rotation, session isolation, and policy enforcement for human and non-human identities. Drive modernization of PAM capabilities, transitioning from legacy, manually managed access models to automated, policy-driven, and API-integrated solutions aligned with Zero Trust principles. Guide adoption of DevSecOps and automation patterns for privileged access, including CI/CD integrations, secrets delivery, ephemeral credentials, and infrastructure-as-code enablement. Oversee vulnerability reduction and risk mitigation related to privileged access, including elimination of hard-coded credentials, shared accounts, excessive entitlements, and standing access. Partner closely with security architecture, IAM, cloud, infrastructure, and application teams to embed privileged access controls into platforms, pipelines, and operating models. Manage a team of engineers designing, implementing, documenting, and supporting highly complex PAM solutions spanning CyberArk, secrets management platforms, directory services, cloud IAM, and hybrid environments. Serve as a subject matter expert in PAM technologies and best practices, staying current on emerging threats, access models, and platform capabilities. Lead technical investigation and response for privileged access-related incidents, including root cause analysis and remediation recommendations to prevent recurrence. Ensure PAM controls support availability, confidentiality, integrity, access governance, monitoring, and incident response, while enabling business agility and developer productivity. Mentor, develop, and retain engineering talent, building strong technical depth and leadership capability within the PAM organization. Demonstrate proficiency in using AI-assisted development and analysis tools (e.g., GitHub Copilot and approved code-centric agents). Leverage AI to accelerate system design, coding, testing, analysis, and troubleshooting. Apply strong technical judgment when validating and integrating AI-assisted outputs into solutions. Understand and account for model limitations, security risks, and operational considerations. Apply AI responsibly in development and production environments. Ensure AI usage aligns with security, compliance, privacy, and ethical standards.
Required Qualifications
- 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
- 2+ years of Leadership experience
Desired Qualifications
- Experience with CyberArk credential management system
- Experience with Agentic AI identity frameworks like SPIFFE and SPIRE
- Experience managing and developing high-performing Agile teams focused on Privileged Access Management, identity platforms, and security engineering solutions
- Hands-on understanding of Kubernetes and cloud-native environments from a privileged access perspective, including workload identity, service accounts, secrets distribution, and container access controls
- Proficiency with cloud and hybrid architectures requiring secure privileged access, including integration with cloud IAM, secrets management platforms, and enterprise PAM tooling
- Experience leading modernization of privileged access for legacy and home-grown systems, including removal of hard-coded credentials, reduction of shared accounts, and elimination of standing access
- Track record of transformation leadership to establish new privileged access patterns, operating models, and Zero Trust-aligned controls across the enterprise
- Expertise in automation and CI/CD enablement for PAM, including policy-as-code, secrets management, credential rotation, and integration across on-prem and cloud environments
Job Expectations
- Ability to work on-site in one of the listed locations in a hybrid environment. There is no option for fully remote work
- This position is not available for visa sponsorship
Pay Range
$119,000.00 - $187,000.00
Benefits
- Health benefits
- 401(k) Plan
- Paid time off
- Disability benefits
- Life insurance, critical illness insurance, and accident insurance
- Parental leave
- Critical caregiving leave
- Discounts and savings
- Commuter benefits
- Tuition reimbursement
- Scholarships for dependent children
- Adoption reimbursement
Posting End Date
14 Jul 2026
Job posting may come down early due to volume of applicants
We Value Equal Opportunity
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Recruitment And Hiring Requirements
Third-Party recordings are prohibited unless authorized by Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.