Lead Cyber Security Research Consultant, Wells Fargo

Wells Fargo

Location:
United States, Charlotte ▼
Chandler
Chicago
Columbus
McLean
Minneapolis
New York
Philadelphia
San Antonio
San Francisco
West Des Moines
Westlake

Category:
IT - Software Development

Contract Type:
Not provided

Salary:

111100.00 - 237100.00 USD / Year

Save Job

Apply Position

Job Description:

Wells Fargo is looking for a Lead Cyber Security Research Consultant that will emulate adversarial attacks in order to provide information to Wells Fargo Lines of Business with the overall goal of providing knowledge of indicators or compromise and TTP (Tools, Tactics, and Procedures) to other teams. The team member will be responsible for creating and executing attack chains with the Threat Simulation team members and will debrief leadership and business owners to explain how combining different weaknesses can result in higher impact. This team member must be able to utilize complex hacking tools, create proof of concept exploits, and document attack chains so they can be re-created and defensive tactics developed for them. This role will research, analyze, design, test, and implement complex technologies, systems, and applications. This position reports to the Cyber Threat Management – Offensive Security Research Team.

Job Responsibility:

Conduct Threat Emulation
Conduct innovative research in cyber security and present to internal peers and partners
Conduct active offensive security operations
Conducts physical security assessments
Develop custom penetration testing tools
Develop in-depth findings report
Communicate findings to lines of business based on inherit risks
Participate in purple teaming
Train/Mentor more junior members of team
Work with the leadership team to identify opportunities and process improvements

Requirements:

5+ years of Cyber Security Research experience
5+ years of information security experience in converged testing (red teaming)
5+ years of performing white hat exploitation and post-exploitation experience
3+ year of experience in network, social, and physical domains
Demonstrated lead experience

Nice to have:

Knowledge of Python, Ruby, PowerShell, and Shell Scripting
Previous experience with common command-and-control (C2) frameworks such as Cobalt Strike and Mythic
Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
Experience in one or a combination of the following: creating proof of concepts, creating exploits, or reverse engineering
Experience performing security assessment against cloud service providers
Ability to handle confidential material in a professional manner
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment
Knowledge and understanding of system/application architecture and design concepts
Ability to present complex material in a digestible, consumable manner to all levels of management
Experience performing offensive security assessments against cloud environments
Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE)

What we offer:

Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement

Additional Information:

Job Posted:
May 03, 2025

Expiration:
May 15, 2025

Employment Type:

Fulltime

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Lead Cyber Security Research Consultant