Wells Fargo is seeking a hands-on engineer to assist with the design, operationalization, and continuous improvement of our Attack Surface Intelligence Data Analysis program. This role blends engineering and advanced data analytics to help discover, map, assess, and reduce risk across our internal and external digital footprint. You’ll be part of a team that focuses on data manipulation in order to make actionable intelligence out of massive sets of data. The team is charged with end-to-end ASI data lifecycle engineering from asset discovery and enrichment to threat-driven prioritization and actionable intelligence sharing—partnering closely with Vulnerability Management, Cloud Security, Application Security, and Incident Response.

In this role, you will:

• Build and maintain comprehensive, continuously updated asset inventories across on-prem, cloud (AWS/Azure/GCP), SaaS, IoT, and external-facing properties (domains, subdomains, IP ranges).
• Engineer automated discovery pipelines (e.g., external scans, DNS/cert transparency, cloud APIs, CMDB reconciliation).
• Implement entity resolution and de-duplication logic to unify disparate records into a single asset graph.
• Act as a senior contributor to the Attack Surface Intelligence Data Insights Team to provide subject matter expertise on data manipulation, pipeline creation, API development, dashboard/visualization and AI NLP usage for large datasets.
• Work closely with development and analysis partners to create a feedback loop from analysis, to development, to data and back.
• Assist with the continued maturity of an attack surface prioritization matrix
• Educate senior management regarding the strengths, weaknesses, opportunities, and threats associated with attack surface intelligence
• Provide regular threat/risk briefings to senior management regarding issues raised by the attack surface intelligence team. Present findings within a context of overall risk to the enterprise.
• Work closely with existing infrastructure and security teams, both to receive input and to provide practical and actionable intelligence
• Work closely with the Advanced Research Support team on the development of tools and strategies to address data needs

Required Qualifications:

• 7+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 7+ years of experience in briefing senior level executives and key stakeholders around cyber activities
• 7+ years of information security reporting and analysis experience  
• 5+ years of experience in one or a combination of the following: reporting, analytics, or modeling in an information security environment, information technology environment, or a combination of both

Desired Qualifications:

• Understanding of NIST framework (National Institute of Standards and Technology)
• 4 years of Threat Modeling
• 4 years of data modeling, data manipulation and API development
• Understanding of MITRE ATT&CK framework
• Experience with attack surface tooling, Tanium, Crowdstrike, Splunk, EDR solutions
• Thorough understanding of concepts and principles related to security, strategy, management, and intelligence analysis
• Ability to work productively with a variety of stakeholders (and their associated, sometimes conflicting) interests within the enterprise
• Ability to work with and against internal resistance, and, as necessary, build consensus for attack surface intelligence sharing within the enterprise
• Ability to think and act both strategically and tactically, theoretically, and pragmatically 
• Advanced cyber security certifications

Job Expectations:

• This position offers a hybrid work schedule
• This position is not eligible for Visa sponsorship
• Remote candidates will be considered

Salary Ranges:

• $159,000 - $254,000 - Charlotte, NC
• $159,000 - $254,000 - Chandler, AZ
• $159,000 - $254,000- Irving, TX
• $159,000 - $254,000 - San Antonio, TX
• $175,000 - $279,000 - Minneapolis, MN
• $191,000 - $305,000 - McLean, VA

Pay Range
 

Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities.

Posting End Date:

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace.  Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.