Wells Fargo is back in the office collaborating for fabulous outcomes!
This role is a hybrid position and in three days a week in the office.
There is no visa sponsorship or visa transfers for this position.
About this role:
Wells Fargo is seeking a Micro-segmentation Senior Information Security Engineer.
We are looking for a solid security engineer with a technical foundation in firewalls and traffic segmentation.
Ideal candidates would have hands on segmentation experience with Illumio and at least one of: Guardicore (Akamai), VMware NSX-T, Cisco Secure Workload, or Kubernetes-native (Calico/Cilium, NetworkPolicies) including policy simulation/shadow testing and staged rollouts.
Hands-on segmentation in hybrid environments (on‑prem + AWS/Azure/GCP), including Azure ASG/NSG or AWS SG patterns, and Kubernetes/Service Mesh (NetworkPolicies, mTLS, Istio/Envoy) for east‑west traffic would be highly desirable.
Scripting is a talent of yours and you like the challenge of building reliable automations using Python/PowerShell, Terraform/Ansible, and ServiceNow IntegrationHub with OAuth2/OIDC-secured APIs, version control (Git/GitHub), CI/CD, and policy-as-code workflows (idempotent, retry-safe).
Security is top of mind for you and you are able to implement identity- and risk-aware policies by integrating CMDB labels, workload identities, and EDR/PAM context to enforce Zero Trust segmentation
In this role, you will:
- Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to Micro-Segmentation
- Implement requirements and engage teams to create automation / orchestration for the enterprise's Micro-Segmentation solution
- Help identify new tools and/or features to strengthen enterprise Micro-Segmentation capabilities
- Serve as a POC for enterprise Micro-Segmentation deployment
- Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
- Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security.
- Collaborate and provide influence with all members of the microsegmentation team
- Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams.
Required Qualifications:
- 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Desired Qualifications:
- Experience with Micro-Segmentation security solutions including policy management
- Experience with scripting
- Strong understanding of APIs and proficiency in working with JSON, including the ability to interpret, construct, and troubleshoot queries and payloads in support of automation and integration efforts
- Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium.
- Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels).
- Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper.
- Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD; ServiceNow IntegrationHub.
- Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL).
- Understanding of NIST 800 207 Zero Trust and mapping to NIST/CIS controls.
- Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs.
- Excellent technical documentation skills
- Experience with Service Now, Jira or similar systems.
Job Expectations:
- Willingness and Ability to work off hours and occasional weekends to support change activities
- Participation in on call shift
