Senior Information Security Engineer - Firewall Micro-segmentation
Wells Fargo · Charlotte, NC · 4 days ago
Engineering$100k–$196k/yrFull-time
About the role
This role is a hybrid position, requiring 3 days in the office. No visa sponsorship or transfers are available for this position.
Responsibilities
- Design, document, test, maintain, and provide recommendations for highly complex security solutions related to Micro-Segmentation
- Engage teams to create automation and orchestration for the enterprise's Micro-Segmentation solution
- Identify new tools and features to strengthen enterprise Micro-Segmentation capabilities
- Serve as a point of contact for enterprise Micro-Segmentation deployments
- Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
- Collaborate and provide influence with all members of the microsegmentation team
- Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams
Requirements
- 4+ years of Information Security Engineering experience, or equivalent through a combination of work experience, training, military experience, or education
- Experience with Micro-Segmentation security solutions including policy management
- Strong understanding of APIs and proficiency in working with JSON
- Experience with scripting, scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD, ServiceNow IntegrationHub
- Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium
- Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels)
- Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper
- Experience with telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL)
- Understanding of NIST 800 207 Zero Trust and mapping to NIST/CIS controls
- Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs
- Excellent technical documentation skills
- Experience with Service Now, Jira or similar systems
Qualifications
- Experience with scripting
- Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium
- Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels)
- Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper
- Experience with telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL)
- Understanding of NIST 800 207 Zero Trust and mapping to NIST/CIS controls
- Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs
- Excellent technical documentation skills
- Experience with Service Now, Jira or similar systems
Skills
- Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD; ServiceNow IntegrationHub
- Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL)
- Understanding of NIST 800 207 Zero Trust and mapping to NIST/CIS controls
- Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs
- Excellent technical documentation skills
- Experience with Service Now, Jira or similar systems
Benefits
See Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees.