Information Assurance Engineer jobs at Dean Dorton - 123 jobs

At Crypto.com, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors. The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy. Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base. About the Role As our Security Compliance Senior Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role requires technical knowledge of network security, especially on-prem and cloud native architectures. A familiarity with US derivatives regulatory frameworks would be advantageous. Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management Provide complete and accurate responses to internal and third-party enquiries on security compliance Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion Design and manage necessary control and framework required to comply with international standards and US local regulations Identify and drive process improvements for streamlining global security compliance operations Qualifications: 3-5 years of experience in information security, privacy, IT audit or IT risk management related roles. Prefer experience with one or more of the following: In-house security and privacy operations, conducting security control assessments, risk assessments or audits. Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, COSO, cloud technologies, and data protection regulations and requirements. Ability to analyze and review US and Global privacy and information security compliance and provide guidance. Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications Experience leading compliance initiatives and working with auditors and/or external regulators It's a plus if you: Have experience in information security and privacy management in virtual assets, fintech, online services, platform services, or global services. Have experience in establishing information security and privacy framework to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and development Are detail minded with an analytical mindset Have good communication skills with an ability to explain complex technical issues to non-technical business users Have prior experience with project management Have an interest and understanding of Blockchain and AI technologies ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

We are currently seeking strong candidates for a full-time Information Security Engineer position in our Overland Park, Kansas headquarters. Responsibilities Responsible for the analysis and implementation, testing, operations, and maintenance of Information Security solutions. Conduct assessments as required for the Information Security Program to determine whether systems performed as expected and provides input to the determination of operational effectiveness. Day-to-day support for Information Security and Technology functions: o Malware Response Process o Log Management Process o Malware Response Process o Vulnerability Management Process o Tracking and reporting on information generated by Information Security Program activities. Analysis of the security aspects of new or existing computer applications, software, or specialized utility programs. Draw insights about their possible implications and provide appropriate recommendations. Qualifications Bachelor's degree from an accredited college/university or equivalent experience 3 - 5 years' of work experience , financial services industry experience a plus Skills & Knowledge Strong self-starter who thrives in a fast-paced, dynamic environment Experience confidently and collaboratively working with individuals at all levels of an organization Ability to conceptualize and support big picture concepts and goals of the organization Has excellent verbal and written communication skills to provide an exceptional client service experience Strong attention to detail and critical thinking skills Highly organized, able to manage multiple tasks with tight deadlines We welcome your interest in being a part of our firm. We believe in giving associates progressive opportunities, actively nurturing professional growth and giving back to the community. We are dedicated to building a diverse culture where everyone has the support they need to achieve their career goals. We offer an innovative workplace and a culture that fosters camaraderie, teamwork and work-life balance. EOE/M/F/D/V

Responsible for leading independent quality checks and the development of methods to measure the quality and performance of the functional testing processes. Leads testing and evaluation activities that identify issues, trends and gaps in existing programs. Provides and independent assessment of the programs, policies and procedures tested and provides feedback to management. Responsible for the creation of Quality Assurance (QA) testing strategy and documentation, while collaborating with the project teams to create the project test plan. Works with project and development teams on the testing timeline and schedule to ensure coordination across multiple groups. Evaluates the testing environment setup to ensure all requirements are met. Serves as a mentor to less experienced teammates and leads testing meetings and routines. Ultimately responsible for all testing activities within a project to ensure the Software Development Lifecycle (SDLC) QA activities are followed and artifacts are created to be compliant with the Bank's SDLC requirements. Responsibilities * Independent Testing & Validation - Writes test cases based on requirements and user stories provided and performs manual testing as needed. Creates testing plans and test cases and loads them into the appropriate tools. Participates in defect meetings and overall project plan routines to present analysis on current defects as well as re-tested defects. * Data Analysis - Sources, compiles and interprets data. Analyzes data for accuracy and efficiency, and effectively communicates analysis output. * Risk Management - Contributes to the mitigation of risk in the Information Technology organization by thoroughly testing and performing quality checks of existing programs, policies and procedures. * Business Strategy - Assists in leading the Quality Assurance testing teams by creating test plans, developing the testing timelines and schedules, and coordinating workstreams across multiple teams. Qualifications Bachelor's Degree and 6 years of experience in Quality Assurance experience in a Financial Services organization OR High School Diploma or GED and 10 years of experience in Quality Assurance experience in a Financial Services organization Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at ****************************************

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit *************** Nomura Services, India supports the group's global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group's global operations. At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards. Division Overview: The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm's information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firms polices. The Global Information Security Team is based in Europe, Asia, India and America. Business Unit Overview: The team's focus is to serve as the single point of contact for all Information security related queries, concerns and technologies. Provide a high standard of user and business support in a responsive and timely manner across all businesses, take responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives. Skills & Experience * Bachelor's degree in computer science, Cybersecurity, Information Technology, or related fields with 8-12 years' experience in Information Security with at least 3-5 years in a SOC Leadership. * Strong knowledge of security technology areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc. * Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as per agreed SLA. * Hands-on experience with MITRE ATT&K, incident response frameworks such as NIST and SANS. * Sound knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection) * Should have sound knowledge of SIEM/EDR/Data Lake/UEBA such as ArcSight, QRadar, Elastic search, SOAR etc. and help team in investigating security issues and/or complex operational issues * Should have experienced in the Usecase management lifecycle and stay updated with New Threat threats to integrate in SOC monitoring. * Should have previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations and cloud monitoring would be add-on. * Experience in implementing and monitoring Cloud Security controls for AWS and Azure cloud * Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases) * Other Experience * Good organization, communication, and coordination skills are essential for this position. * This job requires managing projects and delivering services so experience in either project management or ITIL service management is desired. * Preferred * Any security certifications, such as: GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry recognized certifications. * Project management certifications, such as PMP, Prince2, or CSM. * Other best-practice IT certifications such as ITIL or COBIT * Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC. * Experience working in a global team. * Personal Characteristics * Strong communication skills, ability to work comfortably with different regions. * Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams. * Ability to be pro-active and self-manage tasks through to completion. * Able to perform under pressure. Position Specifications: Corporate Title VP Functional Title SOC Manager Experience 15+ years' experience in Information Security with at least 5+ years in a SOC Leadership Qualification B.E / B.Tech / MCA / M.Tech Location Powai, Mumbai Requisition No Role & Responsibilities: We are seeking an experienced and proactive SOC Manager to lead our 24x7 Global SOC team. The ideal candidate will be responsible for managing security analysts, overseeing daily operations, coordinating incident response efforts, and continuously enhancing threat detection, analysis and response capabilities. The SOC Manager will ensure operational excellence, threat coverage, and alignment with enterprise security policies, compliance mandates, and business objectives. The SOC Manager will be expected to: * Lead and manage a team of SOC analysts across various shifts, ensuring 24x7 operational coverage. * Oversee the monitoring, detection, analysis, and response to cyber threats, incidents and vulnerabilities. * Establish, document, and refine SOC processes, playbooks, and workflows for consistent and effective response. * Manage Global and Regional stakeholder, Business Units, SOC services Expansion at group level and Manage Compliance to Global and regional regulators DORA, MAS * Coordinate with internal IT, legal, compliance risk, and external stakeholders during security incidents and investigations. * Drive use case development, detection tuning, and threat hunting initiatives using SIEM, SOAR, and threat Intelligence platforms. * Implementation of SOC control objectives and drive continuous improvement to SOC Metrics * Ensure SOC performance through KPIs, SLAs, and continuous service improvement initiatives. * Perform regular threat modeling, incident simulations (tabletop exercises), and post-incident reviews. * Evaluate and recommend new tools, services, capabilities to improve SOC effectiveness. * Ensure compliance with relevant security standards (e.g., ISO 27001, NIST, GDPR, etc.). * Mentor and develop SOC team members through coaching, training, and career development plans. * Support internal and external audit by providing necessary evidences and documentation. Additional Responsibilities * Create, develop, and manage tools and scripts/process to assist in the monitoring of cyber risk, intelligence sources, and automation of processes. * Develop metrics and reporting programs for senior leadership. * Project management of Intelligence Lifecycle, including documentation. * Occasional off-hours and weekend work required. All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)). Requirement (indicate mandatory and/or preferred): Mandatory * Drive SOC Strategy as per the Global Leadership strategy: * Strong knowledge of Security log data pipeline solution * Understanding of Log sources onboarding covering MITRE ATT&K Framework * Ensure parser development for unsupported logs sources * Security Data Lake implementation * Proven experience on UEBA for Insider Threat detection * Usecase management for SOC Monitoring Nomura Leadership Behaviours: Leadership Behaviours Description Element Exploring Insights & Vision Comprehensively analyse the nature of the problems we face and set our focus toward the future vision * Gather Intelligence * Create a vision * Identify an issue Making Strategic Decisions Analyse options and feasibility to resolve issues, in making judgments and recommendations * Identify countermeasures * Assess feasibility * Make a judgment Inspiring Entrepreneurship in People Promotes the vision and goals to others in such a way that inspires commitment and independent contributions * Influence * Inspire * Commit Elevating Organizational Capacity Maximize organizational productivity through leadership development and engagement * Have an ownership in own development * Support other's growth * Encourage organizational growth Inclusion Respect diverse perspectives and promote psychological safety and the creation of a risk culture * Foster psychological safety * Encourage the active participation of all talent * Foster a risk culture We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer's responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. * Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

Oversee and validate the effectiveness of security controls and configuration baselines implemented by first line teams. Regularly review security documentation and operational practices to ensure alignment with regulatory requirements, industry standards, and organizational policies. Recommend improvements to control frameworks and support the development and maintenance of security policies, standards, and procedures. Review and validate reports and metrics provided by first line teams to assess the effectiveness of security solutions and controls. Analyze trends and findings to identify systemic risks or gaps and collaborate with operational teams to ensure timely remediation and continuous improvement. Prepare independent summaries and recommendations for management based on oversight activities. Maintain up-to-date detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Assist in the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions in accordance with standard best operating procedures and the enterprise's security documents. Assist in investigations of security incidents and problematic activities to help identify root causes and recommend corrective actions. Contribute to the development and delivery of information security awareness training programs for all organizational levels, including new hire orientation and ongoing awareness campaigns. Perform additional responsibilities as assigned to support the overall security objectives of the organization. Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Manager. Assist in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the CISO. Contribute to the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the CISO. Minimum Qualifications: Second year college student focusing on Information Technology or Information Security Two to four years related experience or equivalent combination of education and experience Security related certifications such as: Security +, CISA, CISSP, CRISC, CISM, GRCP, CCSP, CGEIT are strongly desired Eligibility requirements may differ for each benefit or program. National Cooperative Bank, N.A. is an Equal Employment Opportunity Employer (EOE/AA)

About this role: Wells Fargo is seeking a Senior Web and Email Security Engineer to join the Enterprise Data Loss Prevention (EDLP) Web and Email Security (WES) team, which governs, monitors, and enforces Wells Fargo's Appropriate Use Policy through enterprise web filtering and email security controls. This role plays a critical part in safeguarding the organization by assessing, permitting, or restricting Internet and email access based on risk, compliance standards, and business needs. The ideal candidate brings strong analytical skills, sound judgment, and experience operating within complex, highly regulated environments. Key Responsibilities Web Security Operations * Monitor external connectivity to identify access attempts to unsanctioned or inappropriate websites. * Conduct detailed research on requested or newly discovered sites to determine their risk profile, category, and compliance impact. * Block Internet resources determined to be invalid, unsafe, malicious, or out of policy for Wells Fargo connectivity. * Review and process unblock requests based on documented business justification, risk assessment, and organizational standards. Email Security & Support * Serve as an intake point for inquiries related to restricted emails, blocked content, and delivery issues. * Analyze and resolve email‑related exceptions while ensuring alignment with enterprise security policies. Entitlement & Access Governance * Manage entitlements across web and email security tools, ensuring appropriate access and adherence to least‑privilege principles. * Maintain documentation and operational controls to support compliance, audits, and regulatory obligations. Controls, Procedures & Continuous Improvement * Maintain and update process documentation, operational procedures, and control evidence. * Support control design, testing, and remediation activities. * Identify opportunities to strengthen existing processes, improve efficiency, and enhance overall security posture. Additionally, you will: * Lead or participate in computer security operational activities for moderately complex events * Conduct technical investigation of security related incidents and post incidents digital forensics to identify causes and recommend future mitigation strategies * Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards * Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to web and email security * Review and correlate security logs * Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity * Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals Required Qualifications * 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications * Experience in information security, DLP, or web/email security technologies. * Familiarity with enterprise web filtering platforms, URL categorization, or proxy services. * Demonstrated experience with Cloud Access Security Brokers (CASBs) * Strong analytical, investigative, and problem‑solving skills. * Knowledge of regulatory and compliance requirements in a large financial institution. * Ability to work in a fast‑paced, operational environment with Service Level Agreements (SLAs) and high scrutiny. * Excellent communication skills with the ability to partner effectively across business and technology teams. Job Expectations: * This position offers a hybrid work schedule * This position is not eligible for Visa sponsorship * Possible up to 10% travel Locations: * 1525 WT Harris Blvd, Charlotte, North Carolina * 194 Wood Ave S, Iselin, NJ * 2600 S Price Rd, Chandler, Arizona * 550 S. 4th St., Minneapolis, MN Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $100,000.00 - $196,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. * Health benefits * 401(k) Plan * Paid time off * Disability benefits * Life insurance, critical illness insurance, and accident insurance * Parental leave * Critical caregiving leave * Discounts and savings * Commuter benefits * Tuition reimbursement * Scholarships for dependent children * Adoption reimbursement Posting End Date: 4 Feb 2026 * Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

About this role: Wells Fargo is seeking a Senior Web and Email Security Engineer to join the Enterprise Data Loss Prevention (EDLP) Web and Email Security (WES) team, which governs, monitors, and enforces Wells Fargo's Appropriate Use Policy through enterprise web filtering and email security controls. This role plays a critical part in safeguarding the organization by assessing, permitting, or restricting Internet and email access based on risk, compliance standards, and business needs. The ideal candidate brings strong analytical skills, sound judgment, and experience operating within complex, highly regulated environments. Key Responsibilities Web Security Operations * Monitor external connectivity to identify access attempts to unsanctioned or inappropriate websites. * Conduct detailed research on requested or newly discovered sites to determine their risk profile, category, and compliance impact. * Block Internet resources determined to be invalid, unsafe, malicious, or out of policy for Wells Fargo connectivity. * Review and process unblock requests based on documented business justification, risk assessment, and organizational standards. Email Security & Support * Serve as an intake point for inquiries related to restricted emails, blocked content, and delivery issues. * Analyze and resolve email‑related exceptions while ensuring alignment with enterprise security policies. Entitlement & Access Governance * Manage entitlements across web and email security tools, ensuring appropriate access and adherence to least‑privilege principles. * Maintain documentation and operational controls to support compliance, audits, and regulatory obligations. Controls, Procedures & Continuous Improvement * Maintain and update process documentation, operational procedures, and control evidence. * Support control design, testing, and remediation activities. * Identify opportunities to strengthen existing processes, improve efficiency, and enhance overall security posture. Additionally, you will: * Lead or participate in computer security operational activities for moderately complex events * Conduct technical investigation of security related incidents and post incidents digital forensics to identify causes and recommend future mitigation strategies * Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards * Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to web and email security * Review and correlate security logs * Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity * Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals Required Qualifications * 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications * Experience in information security, DLP, or web/email security technologies. * Familiarity with enterprise web filtering platforms, URL categorization, or proxy services. * Demonstrated experience with Cloud Access Security Brokers (CASBs) * Strong analytical, investigative, and problem‑solving skills. * Knowledge of regulatory and compliance requirements in a large financial institution. * Ability to work in a fast‑paced, operational environment with Service Level Agreements (SLAs) and high scrutiny. * Excellent communication skills with the ability to partner effectively across business and technology teams. Job Expectations: * This position offers a hybrid work schedule * This position is not eligible for Visa sponsorship * Possible up to 10% travel Locations: * 1525 WT Harris Blvd, Charlotte, North Carolina * 194 Wood Ave S, Iselin, NJ * 2600 S Price Rd, Chandler, Arizona * 550 S. 4th St., Minneapolis, MN Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $100,000.00 - $196,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. * Health benefits * 401(k) Plan * Paid time off * Disability benefits * Life insurance, critical illness insurance, and accident insurance * Parental leave * Critical caregiving leave * Discounts and savings * Commuter benefits * Tuition reimbursement * Scholarships for dependent children * Adoption reimbursement Posting End Date: 4 Feb 2026 * Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

**About this role:** Wells Fargo is seeking a Senior Information Security Engineer in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com. Wells Fargo is seeking a Cybersecurity Engineer to support the Cyber Incident Management function within Cybersecurity. This mid-level role is responsible for coordinating and executing technical response actions during security events, supporting Incident Commanders, and helping drive timely triage, investigation, containment, and remediation of cybersecurity incidents. The Incident Handler acts as a hands-on security SME during active events, works closely with SOC/IR teams, threat intelligence, engineering partners, and business stakeholders, and contributes to the continual improvement of incident management processes, playbooks, and tooling. **In this role, you will:** + Lead or participate in computer security incident response activities for moderately complex events + Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies + Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards + Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security + Review and correlate security logs + Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity + Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives + Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals **Incident Handling & Technical Execution** + Support incident response teams during security events, executing triage, investigation, containment, and recovery activities. + Support the Incident Commander by providing technical analysis, work management, and communications. + Utilize incident response tools (e.g., SIEM, SOAR, EDR, forensic utilities) to collect evidence and assess scope and impact. + Document incident timelines, actions taken, and technical findings. **Operational Coordination & Communication** + Coordinate with SOC analysts, threat intelligence teams, platform owners, and business application partners as part of incident response efforts. + Escalate issues appropriately based on severity, risk, and business impact. + Communicate technical findings in clear, concise language to technical and non-technical stakeholders. + Assist in drafting incident summaries, after-action reports, and metrics for leadership review. **Process, Playbooks & Continuous Improvement** + Contribute to the development, refinement, and maintenance of incident response playbooks, runbooks, and standard operating procedures. + Identify opportunities to streamline or automate recurring incident handling tasks. + Support lessons-learned activities and assist in driving corrective actions to reduce future risk. + Help maintain operational readiness across the enterprise by ensuring accurate documentation, consistent workflows, and alignment with incident management governance. **Tooling & Technical Support** + Use case management platforms, workflow tools, and alert pipelines to manage and track incident tasks. + Support improvements to detection and response capabilities by providing feedback to engineering and detection teams. + Assist in onboarding enhancements to incident management tooling, dashboards, and automation. **Required Qualifications:** + 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education + Practical experience in incident response, SOC operations, log analysis, or threat detection. + Working knowledge of core IR technologies: SIEM, EDR, SOAR, ticketing/case management, and forensic tools. + Familiarity with common attack vectors, malware behavior, network security principles, and threat actor TTPs. **Desired Qualifications:** + Understanding of incident response methodologies and frameworks such as NIST 800-61, MITRE ATT&CK, NIST CSF, or ISO standards. + Hands-on experience with cloud, endpoint, identity, or network security technologies. + Experience in highly regulated environments or large-scale enterprise operations. + Exposure to scripting or automation (Python, PowerShell, SOAR playbooks). + Relevant certifications (e.g., GCIH, GCIA, GCFE, Security+, CySA+, CEH) + Strong analytical and troubleshooting skills with the ability to investigate complex technical issues under time pressure. + Effective verbal and written communication skills, including ability to summarize technical concepts clearly. **Pay Range** Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $100,000.00 - $196,000.00 **Benefits** Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs (*************************************************************** for an overview of the following benefit plans and programs offered to employees. + Health benefits + 401(k) Plan + Paid time off + Disability benefits + Life insurance, critical illness insurance, and accident insurance + Parental leave + Critical caregiving leave + Discounts and savings + Commuter benefits + Tuition reimbursement + Scholarships for dependent children + Adoption reimbursement **Posting End Date:** 1 Feb 2026 ***** **_Job posting may come down early due to volume of applicants._** **We Value Equal Opportunity** Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. **Applicants with Disabilities** To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo (****************************************************************** . **Drug and Alcohol Policy** Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy (********************************************************************** to learn more. **Wells Fargo Recruitment and Hiring Requirements:** a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process. **Req Number:** R-514584

Hours: 40 Pay Details: $98,160 - $159,270 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - AI Penetration Tester is responsible for conducting advanced offensive security testing across AI/ML systems, LLM integrations, GenAI platforms, and associated infrastructure. This role serves as a subject-matter expert in AI/LLM security, partnering with engineering, cyber, cloud, and architecture teams to identify vulnerabilities, improve controls, and ensure safe and compliant deployment of AI capabilities across the enterprise. AI/LLM Offensive Security & Vulnerability Testing * Conduct Penetration Tests: Design and execute comprehensive penetration tests targeting AI/ML models, LLM applications, model pipelines, retrieval systems, data agents, and AI-enabled business workflows. * AI/LLM Vulnerability Analysis: Identify vulnerabilities such as jailbreaking, prompt injection, model extraction, adversarial ML attacks, data poisoning, RAG bypasses, and safety guardrail circumvention. * Tooling & Automation: Evaluate and develop tooling (including internal utilities and open‑source frameworks) to automate and scale AI/LLM security testing. Security Architecture, Hardening & Risk Assessment * Assess Security Posture: Analyze training data governance, guardrail design, inference endpoints, system prompts, agent autonomy, model monitoring, and model‑ops pipelines. * Risk Assessments: Perform security and safety risk analyses on new and existing AI/ML deployments, including cloud‑based services, APIs, model marketplaces, and third‑party LLM integrations. * Model Supply Chain Security: Assess AI supply chain risks, dependency integrity, and alignment with enterprise standards and regulatory obligations. Documentation, Reporting & Communication * Report Findings: Deliver clear, actionable findings to both technical and non‑technical stakeholders. Produce detailed reporting including: * Executive summaries * Technical proof‑of‑concepts * Prioritized remediation recommendations * Stakeholder Engagement: Collaborate with Engineering, Data Science, Cloud, Cyber Defense, Architecture, and Risk to remediate findings and improve AI security posture. Governance, Standards & Continuous Improvement * Develop Best Practices: Contribute to organization-wide AI security standards, policies, control objectives, and hardening practices. * Regulatory Compliance: Ensure AI penetration testing aligns with regulatory, privacy, model safety, and internal policy requirements. * Continuous Learning: Maintain deep expertise in emerging AI threats, industry frameworks, evaluation methodologies, and global safety standards. Incident Response & Audit Support * Participate in AI/ML-related security incident investigations, providing subject-matter expertise on root cause analysis and exploitation methods. * Support audit preparation and assist in drafting management responses, remediation plans, and risk treatment documentation. Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications Technical Skills * 5+ years in application security or penetration testing, with hands-on experience in AI/ML environments preferred. * 7+ years of experience using penetration testing tools (Metasploit, Burp Suite, Nmap, Kali, etc.). * Strong knowledge of AI/LLM vulnerabilities including OWASP Top 10 for LLMs, adversarial attacks, prompt injection, and model safety testing frameworks. * Familiarity with scripting and automation (Python preferred), model interrogation techniques, and cloud-native AI services (Azure, AWS, GCP). * Experience penetration testing AI/LLM platforms, cloud workloads, and PCI-scoped environments. * Knowledge of security frameworks (NIST AI RMF, OWASP LLM/ML, ISO 42001, MITRE ATLAS). * Relevant certifications: OSCP, CEH, GPEN, CISSP, or AI/ML security certifications. * Experience supporting audits, compliance reviews, and incident response activities. #EVMAI #TDCyberSecurity #Hybrid Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $98,160 - $159,270 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **Job Description:** The Information Security Specialist - AI Penetration Tester is responsible for conducting advanced offensive security testing across AI/ML systems, LLM integrations, GenAI platforms, and associated infrastructure. This role serves as a subject-matter expert in AI/LLM security, partnering with engineering, cyber, cloud, and architecture teams to identify vulnerabilities, improve controls, and ensure safe and compliant deployment of AI capabilities across the enterprise. **AI/LLM Offensive Security & Vulnerability Testing** + **Conduct Penetration Tests:** Design and execute comprehensive penetration tests targeting AI/ML models, LLM applications, model pipelines, retrieval systems, data agents, and AI-enabled business workflows. + **AI/LLM Vulnerability Analysis:** Identify vulnerabilities such as jailbreaking, prompt injection, model extraction, adversarial ML attacks, data poisoning, RAG bypasses, and safety guardrail circumvention. + **Tooling & Automation:** Evaluate and develop tooling (including internal utilities and open‑source frameworks) to automate and scale AI/LLM security testing. **Security Architecture, Hardening & Risk Assessment** + **Assess Security Posture:** Analyze training data governance, guardrail design, inference endpoints, system prompts, agent autonomy, model monitoring, and model‑ops pipelines. + **Risk Assessments:** Perform security and safety risk analyses on new and existing AI/ML deployments, including cloud‑based services, APIs, model marketplaces, and third‑party LLM integrations. + **Model Supply Chain Security:** Assess AI supply chain risks, dependency integrity, and alignment with enterprise standards and regulatory obligations. **Documentation, Reporting & Communication** + **Report Findings:** Deliver clear, actionable findings to both technical and non‑technical stakeholders. Produce detailed reporting including: + Executive summaries + Technical proof‑of‑concepts + Prioritized remediation recommendations + **Stakeholder Engagement:** Collaborate with Engineering, Data Science, Cloud, Cyber Defense, Architecture, and Risk to remediate findings and improve AI security posture. **Governance, Standards & Continuous Improvement** + **Develop Best Practices:** Contribute to organization-wide AI security standards, policies, control objectives, and hardening practices. + **Regulatory Compliance:** Ensure AI penetration testing aligns with regulatory, privacy, model safety, and internal policy requirements. + **Continuous Learning:** Maintain deep expertise in emerging AI threats, industry frameworks, evaluation methodologies, and global safety standards. **Incident Response & Audit Support** + Participate in AI/ML-related security incident investigations, providing subject-matter expertise on root cause analysis and exploitation methods. + Support audit preparation and assist in drafting management responses, remediation plans, and risk treatment documentation. **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience + Expert knowledge of IT security and risk disciplines and practices **Preferred Qualifications** **Technical Skills** + 5+ years in application security or penetration testing, with hands-on experience in AI/ML environments preferred. + 7+ years of experience using penetration testing tools (Metasploit, Burp Suite, Nmap, Kali, etc.). + Strong knowledge of AI/LLM vulnerabilities including OWASP Top 10 for LLMs, adversarial attacks, prompt injection, and model safety testing frameworks. + Familiarity with scripting and automation (Python preferred), model interrogation techniques, and cloud-native AI services (Azure, AWS, GCP). + Experience penetration testing AI/LLM platforms, cloud workloads, and PCI-scoped environments. + Knowledge of security frameworks (NIST AI RMF, OWASP LLM/ML, ISO 42001, MITRE ATLAS). + Relevant certifications: OSCP, CEH, GPEN, CISSP, or AI/ML security certifications. + Experience supporting audits, compliance reviews, and incident response activities. \#EVMAI #TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Hours: 40 Pay Details: $98,160 - $159,270 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Information Security Specialist - AI Vulnerability Specialist is responsible for supporting the identification, assessment, and management of vulnerabilities unique to AI models across the organization. This role contributes to processes that enable continuous detection, classification, and remediation of AI‑related risks, ensuring the secure operation of AI systems throughout their lifecycle. Working within the Information Security team, the Specialist helps perform model assessments, operate scanning tools, and assist in documenting and communicating risks to relevant stakeholders. This role emphasizes hands‑on analysis, operational execution, and collaboration with engineering partners to support the organization's AI risk posture. Depth & Scope: * Participates on complex, comprehensive or large projects and initiatives * Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors * Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications: * Demonstrated success in building AI vulnerability management programs, including assessment, prioritization, and remediation governance. * Experience supporting vulnerability management activities, including assessment, prioritization, or remediation workflows. * Understanding of AI/ML lifecycle stages (data preparation, training, deployment, and monitoring). * Familiarity with AI/ML model architectures, pipelines, and frameworks (TensorFlow, PyTorch, Scikit learn). * Knowledge of cloud based AI platforms such as AWS Sagemaker, Azure AI, or GCP Vertex AI. * Exposure to AI security tooling or model specific vulnerability assessment techniques. * Working knowledge of ServiceNow Vulnerability Response or similar SecOps workflows. * Understanding of AI related security frameworks and emerging threat vectors. * Experience in regulated industries or familiarity with applicable standards (e.g., FFIEC, GLBA, GDPR, PCI DSS, NYDFS Cybersecurity Regulation). * Advanced security certifications (CISSP, CCSP, or equivalent) Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Occasional * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. #EVMAI Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

About this role: Wells Fargo is seeking an Information Security Engineering Manager Enterprise Data Loss Prevention (EDLP) to join our Cyber Security team. This leadership role is essential for maintaining the successful operation and long-term stability of our organization. This position is responsible for setting strategic directions, overseeing program delivery, and driving continuous improvement including managing and enforcing web access security as well as email security enforcements, implementation and oversight of transport rules that protect sensitive data and ensure regulatory compliance. The leader also facilitates cross-departmental collaboration, supports talent development, and maintains adherence to industry standards. In this role, you will: * Manage and develop a team of individual contributors in roles to address security risks in the Web and Email domains. * Maintain a broad awareness of the state of information security companywide. * Identify, recommend, and drive complex and innovative solutions addressing cybersecurity risks inclusive of data loss concerns and mitigation strategies * Set guidelines for compliance and risk management requirements for supported area and work with other stakeholders to implement key risk initiatives * Advocate and adhere to Wells Fargo Risk Management Framework and practices * Advise more experienced management on issues with high, critical impact * Partnership with DLP to reduce risk to data exfiltration. * Collaborate and influence all levels of professionals including more experienced managers * Interface with Information Security Industry Leaders, Financial industry Leaders, Analysts and Regulators * Manage allocation of people and financial resources for Information Security Analysis * Develop and guide a culture of talent development to meet business objectives and strategy Required Qualifications: * 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education * 2+ years of Leadership experience Desired Qualifications: * Demonstrated experience with Web Proxy, Cloud Access Security Brokers (CASBs), Email Security * Broad set of information risk management practices * CISSP or related Security certifications for on-prem or cloud. Job Expectations: * This position offers a hybrid work schedule * This position is not eligible for Visa sponsorship * Possible up to 10% travel Locations: * 194 Wood Ave S, Iselin, NJ * 1525 WT Harris Blvd, Charlotte, North Carolina * 2600 S Price Rd, Chandler, Arizona Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $119,000.00 - $224,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. * Health benefits * 401(k) Plan * Paid time off * Disability benefits * Life insurance, critical illness insurance, and accident insurance * Parental leave * Critical caregiving leave * Discounts and savings * Commuter benefits * Tuition reimbursement * Scholarships for dependent children * Adoption reimbursement Posting End Date: 4 Feb 2026 * Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

**About this role:** Wells Fargo is seeking an Information Security Engineering Manager Enterprise Data Loss Prevention (EDLP) to join our Cyber Security team. This leadership role is essential for maintaining the successful operation and long-term stability of our organization. This position is responsible for setting strategic directions, overseeing program delivery, and driving continuous improvement including managing and enforcing web access security as well as email security enforcements, implementation and oversight of transport rules that protect sensitive data and ensure regulatory compliance. The leader also facilitates cross-departmental collaboration, supports talent development, and maintains adherence to industry standards. **In this role, you will:** + Manage and develop a team of individual contributors in roles to address security risks in the Web and Email domains. + Maintain a broad awareness of the state of information security companywide. + Identify, recommend, and drive complex and innovative solutions addressing cybersecurity risks inclusive of data loss concerns and mitigation strategies + Set guidelines for compliance and risk management requirements for supported area and work with other stakeholders to implement key risk initiatives + Advocate and adhere to Wells Fargo Risk Management Framework and practices + Advise more experienced management on issues with high, critical impact + Partnership with DLP to reduce risk to data exfiltration. + Collaborate and influence all levels of professionals including more experienced managers + Interface with Information Security Industry Leaders, Financial industry Leaders, Analysts and Regulators + Manage allocation of people and financial resources for Information Security Analysis + Develop and guide a culture of talent development to meet business objectives and strategy **Required Qualifications:** + 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education + 2+ years of Leadership experience **Desired Qualifications:** + Demonstrated experience with Web Proxy, Cloud Access Security Brokers (CASBs), Email Security + Broad set of information risk management practices + CISSP or related Security certifications for on-prem or cloud. **Job Expectations:** + This position offers a hybrid work schedule + This position is not eligible for Visa sponsorship + Possible up to 10% travel **Locations:** + 194 Wood Ave S, Iselin, NJ + 1525 WT Harris Blvd, Charlotte, North Carolina + 2600 S Price Rd, Chandler, Arizona **Pay Range** Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $119,000.00 - $224,000.00 **Benefits** Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs (*************************************************************** for an overview of the following benefit plans and programs offered to employees. + Health benefits + 401(k) Plan + Paid time off + Disability benefits + Life insurance, critical illness insurance, and accident insurance + Parental leave + Critical caregiving leave + Discounts and savings + Commuter benefits + Tuition reimbursement + Scholarships for dependent children + Adoption reimbursement **Posting End Date:** 4 Feb 2026 ***** **_Job posting may come down early due to volume of applicants._** **We Value Equal Opportunity** Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. **Applicants with Disabilities** To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo (****************************************************************** . **Drug and Alcohol Policy** Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy (********************************************************************** to learn more. **Wells Fargo Recruitment and Hiring Requirements:** a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process. **Req Number:** R-517569

About this role: Wells Fargo is seeking a Lead Information Security Analyst to join a dynamic team dedicated to safeguarding our customers and the company's most critical assets. In this pivotal role, you will provide technical leadership in Cybersecurity Governance, Risk, and Compliance while driving projects and mentoring team members to achieve exceptional results. You're the kind of person who can lead, is coachable and enjoys partnering with others to complete projects. The position requires deep expertise in policy compliance and vulnerability management, with a strong focus on cryptography, encryption key lifecycle management, and digital certificate governance. The ideal candidate will have demonstrated experience in designing and implementing policy compliance or vulnerability management programs and leading initiatives or teams to successful completion. Most of all we need a person who can manage cyber projects, has keen organizational skills and is highly collaborative. This is a hybrid role at Wells Fargo. There is no Visa sponsorship or Visa Transfers. The position is seated in the location posted on the requisition. In this role, you will: Provide advanced information security consultation for policy compliance, risk management, security controls and remediation monitoring Lead projects and coordinate team efforts to ensure timely delivery of security initiatives Direct information security risk assessment and research, and recommend remediation plans and strategies Perform Governance, Risk, and Compliance activities to identify and prioritize key risk areas, monitor remediation, and escalate critical risks to senior management Conduct user engagement on vulnerabilities and identified areas of policy non-adherence, report and advise on moderately complex remediation or mitigation plans Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, encryption keys and digital certificates Review and correlate technical data such as vulnerability or endpoint scanning reports (e.g., Qualys, Tanium), key and certificate management reports, and security logs Analyze identified vulnerabilities, assess their potential impact, and prioritize remediation efforts based on risk levels Develop and maintain security policies and procedures related to information protection, encryption, and certificate management Create detailed process documentation and governance artifacts for security controls, metrics, and escalation routines Required Qualifications: 5+ years of Information Security experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education 4+ years in a vulnerability management or governance, risk and compliance role, identifying and prioritizing areas of policy non-adherence, report development, remediation monitoring and escalation to senior management Strong experience with vulnerability or endpoint scanning tools (e.g., Qualys, Tanium) Solid understanding of cryptography, encryption key management, and digital certificate lifecycle Proven ability to lead projects and/or teams, including planning, coordination, and delivery Desired Qualifications: IT Security certification (CISSP, CRISC, GIAC, Cloud, etc) Demonstrated expertise of Governance, Risk and Compliance principles for monitoring adherence to Information Security policies Experience with or strong conceptual understanding of data protection principles, frameworks and technologies Knowledge of Cloud service providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) or MS Azure Documentation skills including design diagrams, process flows, security controls and evidence archival Proven ability to plan, manage, and deliver complex projects or security initiatives, including defining scope, setting timelines, coordinating resources, and ensuring successful outcomes Knowledge of financial institution security procedures and data protection principles Experience with Agile methodology and product delivery Ability to communicate confidently and professionally Ability to negotiate, influence, and collaborate to build successful relationships Strong time management skills including the ability to handle multiple deliverables concurrently Ability to influence across all organizational levels Job Expectations: Work independently and lead governance routines on a regular cadence Identify security vulnerabilities, perform product mapping, conduct trend analysis, perform risk assessments, and evaluate remediation alternatives Engage with stakeholders to monitor remediation and escalate critical risks Prepare executive ready Develop and maintain documentation for security controls and metrics, governance routines, escalation events, and consequence model Drive continuous improvement in policy adherence monitoring, vulnerability management and cryptographic security processes Posting End Date: 2 Feb 2026 *Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

About this role: Wells Fargo is seeking an Information Security Engineering Manager. The Engineering Manager will lead a team of developers responsible for securing, modernizing, and evolving enterprise applications. This role oversees vulnerability management and application hardening efforts while driving the adoption of DevSecOps, automation, and standardized engineering practices. The manager will guide the team through modernization and transformation initiative, including refactoring legacy components, improving architecture, and preparing the platform for future cloud readiness. In this role, you will: Provide strategic and forward‑thinking leadership to define engineering direction, technology roadmaps, and long‑term platform evolution Lead the team in managing vulnerabilities, applying secure coding practices, and implementing application hardening to protect critical systems Drive modernization efforts by transforming applications through refactoring, re‑architecting, and adoption of modern engineering practices Guide the team through DevSecOps, automation, and standardized delivery processes to improve reliability, security, and speed of delivery Collaborate effectively across security, architecture, and product teams to deliver scalable, resilient, and compliant solutions aligned with organizational goals Manage a team of engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications or endpoint security Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy, and standards Possess subject matter expertise at a mastery level in current and emerging security solutions and best practices Conduct technical investigation of security-related incidents, and conduct post-incident digital forensics to identify causes and recommend future mitigation strategies Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Work with more experienced technologists and team Interface with more experienced management Manage allocation of people and financial resources for Information Security Architecture Mentor and guide talent development of direct reports and assist in hiring talent Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education 2+ years of Leadership experience Desired Qualifications: Experience managing and developing high‑performing Agile teams of software engineers and platform developers Strong knowledge of DevSecOps practices including secure CI/CD pipelines, automated testing, and integrated security controls Hands‑on understanding of Kubernetes operations, container orchestration concepts, and cloud‑native deployment patterns Proficiency with cloud‑based application architectures and modern cloud engineering practices Ability to drive engineering excellence through automation, observability, and standardized delivery processes Proven collaboration skills with security, architecture, and product teams to ensure resilient, compliant, and scalable solutions Demonstrated leadership in platform engineering to build and operate developer platforms, pipelines, and self‑service tooling Experience leading application modernization of home‑grown/legacy systems, including refactoring, re‑architecting, and reducing technical debt Track record of transformation leadership and “clean‑sheet” solution design to establish new engineering patterns and operating models Expertise in CI/CD engineering and automation across on‑prem and cloud environments, including policy‑as‑code and secrets management Ability to develop a cloud readiness roadmap and guide teams through staged migration or hybrid adoption while maintaining uptime and compliance Job Expectations: Ability to work on-site in one of the listed locations in a hybrid environment This position is not available for visa sponsorship Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location. Employees may also be eligible for incentive opportunities. $119,000.00 - $187,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. Health benefits 401(k) Plan Paid time off Disability benefits Life insurance, critical illness insurance, and accident insurance Parental leave Critical caregiving leave Discounts and savings Commuter benefits Tuition reimbursement Scholarships for dependent children Adoption reimbursement Posting End Date: 13 Feb 2026 * Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

not eligible for sponsorship. Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX. This role focuses on comprehensive application security testing and vulnerability management across the software development lifecycle. It involves conducting automated and manual scans using tools like Invicti, Veracode, and Burp Suite to identify and remediate security flaws in application code and open-source components. The position requires strong collaboration with development and DevOps teams, secure coding expertise in languages such as Java and Python, and adherence to compliance frameworks including NIST, PCI-DSS, and SOX. The ideal candidate brings over five years of hands-on experience in application security, secure development practices, and automation within CI/CD environments. To leverage deep expertise in application security testing, secure coding, and vulnerability management to enhance the security posture of enterprise applications. The goal is to proactively identify and remediate security risks, integrate security into DevOps workflows, and ensure compliance with industry standards, while fostering a collaborative environment that empowers development teams to build secure software from the ground up. Major Responsibilities: Application Security Testing & Analysis: * Conduct SAST scans using Veracode to identify vulnerabilities in source code. * Conduct SCA scans using Veracode to identify vulnerabilities in open-source components. * Analyze scan results, identify root causes, and collaborate with developers to implement effective remediations. * Work with CI/CD pipelines to integrate security testing into DevOps workflows. * As-needed, conduct manual verification and secondary authenticated scans using Burp Suite to reduce false negatives. Software Development & Secure Coding Knowledge: * Understand and evaluate vulnerabilities in Java, .NET, Python, and other application codebases. * Work with development teams to remediate security flaws in source code and follow secure coding practices. * Provide guidance on OWASP Top 10 and SANS 25 vulnerabilities, including how they arise, how to exploit them, and how to prevent them. * Able to perform scripting and coding in Java and Python as-needed for security engineering Vulnerability Management & Compliance: * Ensure required DAST, SAST, and SCA release and periodic scanning is occurring and that scans and findings are addressed within SLA. * Review and approve false positives and mitigated-by-design requests for DAST, SAST, and SCA * Review and approve SDLC tasks (MME and SbD MUFG processes) for DAST, SAST, and SCA * Maintain compliance with NIST, PCI-DSS, FFIEC, SOX, CIS security frameworks. * Store and organize security artifacts in archives, following standardized documentation practices. Services to be Performed * Security Collaboration & Process Improvement: * Work closely with developers, DevOps teams, and application owners to secure software at all stages of SDLC. * Work with Security teams to deploy security tools as IAC * Stay updated on the latest exploitation techniques, security research, and industry best practices. * Knowlegeable around securing cloud workloads and cloud instances within AWS, Google, and Azure. * Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks * Design, test and develop specific content and alerting to identify threats against their critical assets Qualifications: * Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience). * Relevant security certifications (e.g., OSCP, OSWE, GWAPT, CEH) are highly desirable. * 5+ years of experience in Application Security, Secure Development, DAST, and SAST. * Hands-on experience with DAST tools such as Veracode (Netsparker), AppScan, Burp Suite, Acunetix. * Experience with SAST tools like Veracode and Fortify. * Experience with Burp Suite performing manual testing * Strong knowledge of web security vulnerabilities (OWASP Top 10, SANS 25, MITRE ATT&CK). * Software development experience in Java, .NET, Python, or similar languages. Ability to perform scripting for security engineering. * Familiarity with secure software development life cycle (SSDLC) and CI/CD pipelines. * Experience with cloud security (AWS, Azure, Oracle Cloud) is a plus. * Scripting skills (Python, Bash, PowerShell) to automate security tasks. * Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations * Produce weekly and monthly operational metrics * Work with vendors and internal customers to respond to escalations * Familiar with threat modeling and/or risk-based security testing techniques Soft Skills: * Strong ability to collaborate with developers and provide security guidance in a constructive manner. * Excellent communication skills, including technical reporting and vulnerability documentation. * Analytical mindset with a passion for improving software security and reducing risk exposure. Bonus Skills: * Experience with EnCase * Experience with reverse engineering malware About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

not eligible for sponsorship. Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX. This role focuses on comprehensive application security testing and vulnerability management across the software development lifecycle. It involves conducting automated and manual scans using tools like Invicti, Veracode, and Burp Suite to identify and remediate security flaws in application code and open-source components. The position requires strong collaboration with development and DevOps teams, secure coding expertise in languages such as Java and Python, and adherence to compliance frameworks including NIST, PCI-DSS, and SOX. The ideal candidate brings over five years of hands-on experience in application security, secure development practices, and automation within CI/CD environments. To leverage deep expertise in application security testing, secure coding, and vulnerability management to enhance the security posture of enterprise applications. The goal is to proactively identify and remediate security risks, integrate security into DevOps workflows, and ensure compliance with industry standards, while fostering a collaborative environment that empowers development teams to build secure software from the ground up. Major Responsibilities: Application Security Testing & Analysis: * Conduct SAST scans using Veracode to identify vulnerabilities in source code. * Conduct SCA scans using Veracode to identify vulnerabilities in open-source components. * Analyze scan results, identify root causes, and collaborate with developers to implement effective remediations. * Work with CI/CD pipelines to integrate security testing into DevOps workflows. * As-needed, conduct manual verification and secondary authenticated scans using Burp Suite to reduce false negatives. Software Development & Secure Coding Knowledge: * Understand and evaluate vulnerabilities in Java, .NET, Python, and other application codebases. * Work with development teams to remediate security flaws in source code and follow secure coding practices. * Provide guidance on OWASP Top 10 and SANS 25 vulnerabilities, including how they arise, how to exploit them, and how to prevent them. * Able to perform scripting and coding in Java and Python as-needed for security engineering Vulnerability Management & Compliance: * Ensure required DAST, SAST, and SCA release and periodic scanning is occurring and that scans and findings are addressed within SLA. * Review and approve false positives and mitigated-by-design requests for DAST, SAST, and SCA * Review and approve SDLC tasks (MME and SbD MUFG processes) for DAST, SAST, and SCA * Maintain compliance with NIST, PCI-DSS, FFIEC, SOX, CIS security frameworks. * Store and organize security artifacts in archives, following standardized documentation practices. Services to be Performed * Security Collaboration & Process Improvement: * Work closely with developers, DevOps teams, and application owners to secure software at all stages of SDLC. * Work with Security teams to deploy security tools as IAC * Stay updated on the latest exploitation techniques, security research, and industry best practices. * Knowlegeable around securing cloud workloads and cloud instances within AWS, Google, and Azure. * Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks * Design, test and develop specific content and alerting to identify threats against their critical assets Qualifications: * Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience). * Relevant security certifications (e.g., OSCP, OSWE, GWAPT, CEH) are highly desirable. * 5+ years of experience in Application Security, Secure Development, DAST, and SAST. * Hands-on experience with DAST tools such as Veracode (Netsparker), AppScan, Burp Suite, Acunetix. * Experience with SAST tools like Veracode and Fortify. * Experience with Burp Suite performing manual testing * Strong knowledge of web security vulnerabilities (OWASP Top 10, SANS 25, MITRE ATT&CK). * Software development experience in Java, .NET, Python, or similar languages. Ability to perform scripting for security engineering. * Familiarity with secure software development life cycle (SSDLC) and CI/CD pipelines. * Experience with cloud security (AWS, Azure, Oracle Cloud) is a plus. * Scripting skills (Python, Bash, PowerShell) to automate security tasks. * Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations * Produce weekly and monthly operational metrics * Work with vendors and internal customers to respond to escalations * Familiar with threat modeling and/or risk-based security testing techniques Soft Skills: * Strong ability to collaborate with developers and provide security guidance in a constructive manner. * Excellent communication skills, including technical reporting and vulnerability documentation. * Analytical mindset with a passion for improving software security and reducing risk exposure. Bonus Skills: * Experience with EnCase * Experience with reverse engineering malware About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

not eligible for sponsorship Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX. The Cyber Security Engineer - Threat Management is a mid-level Cyber Security Engineer responsible for second level security event/incident response along with the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advanced warning of impeding IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. The candidate They will deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances and on-premises data centers covering threats / FIM / configuration management / incident response / vulnerability management. Secondary roles include IPS, EDR, TIP tools, and other information security solutions. Essential Functions of the Job: * Responding to SOC alerts performing an analysis, and containment of security events. * Provide tier II support for escalated security incidents. * Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks. * Operate the configuration management program to track configuration drift over time, working with asset custodians to correct any configuration deviation from baseline. * Operate the File Integrity Management program to track changes to file systems on critical systems. * Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume using MITRE ATT&CK Framework. * Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. * Integrate appropriate systems and logs into the global threat management platform or Security Event and Incident Management system to properly protect critical assets. * Design, test and develop specific content and alerting to identify threats against critical assets. * Document incident response playbooks for new threat content and alerts. * Maintain an understanding of attacks, vectors and emergent threats. * Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. * Produce weekly and monthly operational metrics. * Work with vendors and internal customers to respond to escalations. * Recommends Preventative Security Actions. * Recommends Corrective Security Actions. * Comprehension of basic banking systems. Job Requirements: * High School Graduate or Equivalent. * Bachelor's Degree Preferred but not required in Computer Engineering/Computer Science or related field. * CISSP, GSEC, GCIH, CEH or other security certifications preferred, but not required. * Three year minimum working in cyber threat or information security. Knowledge and Skills Requirements: * Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations. * Proficient with cloud security and monitoring capabilities in Azure * Proficient with Incident Response in Azure * Proficient with configuration management scanning tools. * Knowledgeable with Tripwire or other file integrity management tools. * Excellent team skills and integrity in a professional environment. * Ability to Map threats and vulnerabilities to MITRE. About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

not eligible for sponsorship Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX. The Cyber Security Engineer - Threat Management is a mid-level Cyber Security Engineer responsible for second level security event/incident response along with the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advanced warning of impeding IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. The candidate They will deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances and on-premises data centers covering threats / FIM / configuration management / incident response / vulnerability management. Secondary roles include IPS, EDR, TIP tools, and other information security solutions. Essential Functions of the Job: * Responding to SOC alerts performing an analysis, and containment of security events. * Provide tier II support for escalated security incidents. * Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks. * Operate the configuration management program to track configuration drift over time, working with asset custodians to correct any configuration deviation from baseline. * Operate the File Integrity Management program to track changes to file systems on critical systems. * Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume using MITRE ATT&CK Framework. * Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. * Integrate appropriate systems and logs into the global threat management platform or Security Event and Incident Management system to properly protect critical assets. * Design, test and develop specific content and alerting to identify threats against critical assets. * Document incident response playbooks for new threat content and alerts. * Maintain an understanding of attacks, vectors and emergent threats. * Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. * Produce weekly and monthly operational metrics. * Work with vendors and internal customers to respond to escalations. * Recommends Preventative Security Actions. * Recommends Corrective Security Actions. * Comprehension of basic banking systems. Job Requirements: * High School Graduate or Equivalent. * Bachelor's Degree Preferred but not required in Computer Engineering/Computer Science or related field. * CISSP, GSEC, GCIH, CEH or other security certifications preferred, but not required. * Three year minimum working in cyber threat or information security. Knowledge and Skills Requirements: * Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations. * Proficient with cloud security and monitoring capabilities in Azure * Proficient with Incident Response in Azure * Proficient with configuration management scanning tools. * Knowledgeable with Tripwire or other file integrity management tools. * Excellent team skills and integrity in a professional environment. * Ability to Map threats and vulnerabilities to MITRE. About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube