CrawlJobs Logo

Lead Information Security Engineer - Purple Team

https://www.wellsfargo.com/ Logo

Wells Fargo

Location Icon

Location:
India , Bengaluru

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Wells Fargo is seeking a Lead Information Security Engineer.

Job Responsibility:

  • Lead computer security incident response activities for highly complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and influence all levels of professionals including managers
  • Lead a team to achieve objectives
  • Lead or participate in offensive security testing in a purple team capacity, with the goal to aid security content development and/or verification by other teams
  • Conduct technical investigation of security related events to identify root causes and recommend future mitigation strategies
  • Execute and support collaborative detection validation activities by partnering closely with Cyber Defense Management (CDM) teams to validate detections and response workflows directly in production environments
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security
  • Contribute to sustained operational improvements by simplifying workflows, supporting automation and AI‑enabled efficiencies, identifying and removing execution blockers, and leveraging KPIs to improve signal quality, reduce alert noise, and actively manage backlogs
  • Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
  • Perform repeatable validation and readiness assessment activities using related tooling to plan, execute, and document adversary emulation and detection testing

Requirements:

5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Nice to have:

  • Strong experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
  • Knowledge and understanding of banking or financial services industry
  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), or Offensive Security Web Expert (OSWE)
  • Experience conducting project meetings, presentations, and status reporting
  • Knowledge and understanding of data security controls and bypasses including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to security events

Additional Information:

Job Posted:
May 16, 2026

Expiration:
June 25, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Wells Fargo - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Lead Information Security Engineer - Purple Team

Offensive Security Engineer, Purple Team

Meta's Offensive Security Group is seeking an experienced Offensive Security Eng...
Location
Location
United States , Bellevue
Salary
Salary:
122000.00 - 181000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or equivalent experience
  • 2+ years of experience in Red Teaming, Penetration Testing, and/or cyber threat hunting
  • Experience with coding/scripting skills in one or more general purpose languages
Job Responsibility
Job Responsibility
  • Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
  • Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness
  • Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements
  • Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats
  • Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles
  • Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
  • Influence and align the team’s direction and strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer at Bitwarden, you will be responsible for conducti...
Location
Location
United States
Salary
Salary:
140000.00 - 180000.00 USD / Year
bitwarden.com Logo
Bitwarden
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with Penetration Testing Tools, such as Burp Suite, NMAP, Nessus, Metasploit, Kali Linux, SQLMap, Owasp ZAP, and manual testing tools
  • In-depth knowledge of leading vulnerability management tools and strategies
  • In-depth understanding and usage of application security testing technologies is a plus
  • Understanding of authentication concepts, including OpenIDConnect, SAML, OAuth, and SSO flows
  • Strong working knowledge of vulnerability management tools, data and network security technologies
  • Collaborative and adaptable mindset
  • Openness and authenticity combined with excellent communication skills
  • Excitement and enthusiasm for open source and for better internet security
  • Excellent problem-solving skills
  • Ability to maintain discretion, handle sensitive information, and maintain security best-practices
Job Responsibility
Job Responsibility
  • Research emerging threats across the surface web, dark web, and deep web
  • Build threat models, conduct threat hunts, and plan and execute purple team engagements
  • Coordinate internal red team testing operations that emulate a threat actor
  • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to improve our offensive and defensive security controls
  • Contribute to vulnerability testing and analysis as well as incident response and analysis
  • Include testing for web, mobile, CLI, and desktop application security issues across our multi-product portfolio, including Bitwarden Password Manager, Secrets Manager, and Passwordless.dev, our APIs, serverless functions, and database
  • Participate in code reviews, learning and spreading technical knowledge about security posture
  • Contribute to resolutions for security-related issues
  • Coordinate technical validation and leadership review of purple team reports detailing testing results and potential areas of improvement
  • Conduct internal penetration tests on systems and networks to determine realistic threat vectors
  • Fulltime
Read More
Arrow Right

Security Testing Senior Analyst (Purple Team)

Reporting to the Attack Surface Reduction Senior Manager, the Security Testing S...
Location
Location
Ireland , Cork; Dublin
Salary
Salary:
Not provided
alterdomus.com Logo
Alter Domus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or equivalent experience
  • Minimum of 3+ years in offensive security, penetration testing, vulnerability management, security threat assessment, or related roles
  • Experience in scoping and planning technical security assessments (red team, penetration testing, adversarial simulations, or similar)
  • Strong understanding of offensive security principles, common attack vectors, and the general testing lifecycle
  • Demonstrated experience in remediation tracking, stakeholder coordination, and cross-functional communication
  • Ability to translate complex technical findings into clear business risk and actionable remediation plans
  • Familiarity with frameworks such as MITRE ATT&CK, OWASP Top 10, NIST, CIS, and ISO security standards
  • Strong organizational skills, with proven ability to manage multiple concurrent engagements
  • Excellent communication, presentation, and relationship-building skills
  • Relevant certifications such as Security+, CySA+, GSEC, OSCP, CRTO, or similar are a plus
Job Responsibility
Job Responsibility
  • Lead the scoping and definition of red-team and adversarial simulation engagements, including determining goals, targets, timelines, and rules of engagement
  • Coordinate with business units, IT teams, and leadership to gather requirements, understand operational constraints, and ensure testing activities align with business risk
  • Develop structured engagement plans, including resource planning, attack paths, testing schedules, and expected deliverables
  • Serve as the primary point of contact throughout the engagement lifecycle
  • Track remediation activities, ensuring findings are clearly documented, assigned to responsible teams, monitored to completion, and remediated within defined SLAs
  • Host recurring remediation review sessions with stakeholders to validate progress and support their efforts in resolving identified weaknesses
  • Maintain a detailed engagement tracker for planning, scheduling, resource allocation, remediation status, and operational metrics
  • Support and occasionally lead technical testing activities where required
  • Prepare and deliver reports, dashboards, and executive summaries that clearly communicate risk, findings, remediation status, and testing outcomes
  • Partner with security operations, detection engineering, and infrastructure teams to ensure lessons learned are integrated into continuous improvement efforts
What we offer
What we offer
  • Support for professional accreditations such as ACCA and study leave
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Fulltime
Read More
Arrow Right

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
United Arab Emirates , Dubai
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime
Read More
Arrow Right

Senior Threat Emulation Team Member

As a senior member of the Threat Emulation team within Admiral’s Cyber Security ...
Location
Location
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ Years of delivering offensive security exercises
  • Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills
  • Experience of being a technical lead on security testing engagements
  • A strong technical background is required with in-depth experience in several of the following areas: CI/CD Pipelines/DevOps
  • Cloud and Cloud Security (Specifically Azure and GCP)
  • LLM Security Considerations
  • Applications of AI in Offensive Security
  • Scenario/objective based Penetration Testing/Red Teaming
  • Purple Teaming
  • Microsoft AD, Entra and In-Tune
Job Responsibility
Job Responsibility
  • Owning the delivery of Threat Emulation services through the full lifecycle, including taking responsibility for delivery of key projects and workstreams through to completion
  • Proactively analyse business needs, research
  • recommend solutions and drive their adoption
  • Identifying key opportunities to provide current and new security testing services across the business
  • Developing novel and innovative capabilities within the team
  • Performing post exercise or incident reviews and proposing resolutions using their subject matter expertise
  • Act as a point of escalation for the team and wider cyber department
  • Mentor and develop team members and peers
  • Define, develop and improve procedures, and processes for the team and wider operations department
  • Publish reporting and communications to key stakeholders, including briefings, presentations, control group calls/updates
What we offer
What we offer
  • Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Private Health Cover
  • Critical Illness Cover
  • Eligible for up to £3,600 of free shares each year after one year of service
  • Fulltime
Read More
Arrow Right

Principal Engineer - Cyber Threat Fusion Center

Wells Fargo is seeking a Principal Engineer.
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
May 30, 2026
Flip Icon
Requirements
Requirements
  • 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 7+ years of information security experience with SIEM, endpoint and network stack technologies
  • 7+ years of experience with technical assessments associated with Red Team, Purple Team, and Blue Team exercises
  • 7+ years of experience in security remediation practices to include signature development, log enrichment, and custom detection engineering
  • 5+ years of information security experience including experience in one or more of the following security disciplines: information security monitoring, threat hunting, incident response, vulnerability management, host/network forensics, cyber-crime investigation, or penetration testing
  • 4+ years of Splunk or other SIEM technology experience
  • Knowledge and understanding of banking or financial services industry
  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP)
  • Experience conducting project meetings, presentations, and status reporting
  • Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
Job Responsibility
Job Responsibility
  • Act as an advisor to leadership to develop or influence applications, network, information security, database, operating systems, or web technologies for highly complex business and technical needs across multiple groups
  • Lead the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas or the enterprise, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, advanced analytical and inductive thinking
  • Translate advanced technology experience, an in-depth knowledge of the organizations tactical and strategic business objectives, the enterprise technological environment, the organization structure, and strategic technological opportunities and requirements into technical engineering solutions
  • Provide vision, direction and expertise to leadership on implementing innovative and significant business solutions
  • Maintain knowledge of industry best practices and new technologies and recommends innovations that enhance operations or provide a competitive advantage to the organization
  • Strategically engage with all levels of professionals and managers across the enterprise and serve as an expert advisor to leadership
  • Fulltime
Read More
Arrow Right

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

CSIRT Director

The CSIRT Director is a cybersecurity leader responsible for the complete owners...
Location
Location
Canada , Montreal
Salary
Salary:
Not provided
sita.aero Logo
SITA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of progressive experience in cybersecurity, with at least 7+ years in a senior leadership role with direct accountability for security operations.
  • 5+ years of direct experience managing large, geographically distributed Security Operations Centers (SOCs) — including multi-site, multi-shift, 24/7/365 operations.
  • Bachelor's degree in computer science, Information Systems, Information Security, or a related discipline
  • or equivalent professional experience.
  • Active professional certification in at least one of the following: CISSP, CISM, CISA, GIAC GSOM, GIAC GCIH, or equivalent.
  • Proven experience managing global teams across multiple time zones and cultures, with a track record of building cohesive, high-performing distributed teams. With demonstrated ownership of an Incident Response Function and Team.
  • Demonstrated ownership of two or more of the following functions: SOC, CTEM / Vulnerability Management, Cyber Threat Intelligence,
  • Strong command of the MITRE ATT&CK framework, NIST CSF, and incident response methodologies (SANS PICERL, NIST 800-61).
  • Executive-level communication skills — ability to translate complex technical threats into business risk language for CISO, C-suite, and Board audiences.
Job Responsibility
Job Responsibility
  • Continuous Threat Exposure Management (CTEM) - Directs the organization's proactive exposure reduction program. This includes attack surface management, vulnerability prioritization, red team / purple team program oversight, penetration testing governance, and the coordination of remediation workflows with IT and engineering stakeholders.
  • Cyber Threat Intelligence (CTI) - Commands the intelligence function responsible for producing finished, operationalized threat intelligence. This includes strategic intelligence briefings to CISO and Board, tactical intelligence feeds into detection platforms, threat actor tracking, sector-specific threat analysis (transportation/aviation/border security), and third-party intelligence partnerships.
  • Incident Response (IR) - Owns the full incident response lifecycle. Accountable for IR planning and playbook governance, crisis management and executive communication during significant incidents, forensic capability oversight, tabletop exercise program, regulatory breach notification coordination, and post-incident reviews (PIRs).
  • Security Operations (SecOps) Collaboration - Direct and optimize resources across global SOC locations (Montreal, Cairo, Singapore), ensuring consistent standards, 24/7/365 coverage through a follow‑the‑sun operating model, and resilient business continuity with defined failover capabilities. Drive collaboration and intelligence sharing across sites while managing MSSP and third‑party partners to ensure performance, accountability, and unified global operations.
  • Strategic Leadership & Governance - Define and lead a multi‑year global CSIRT strategy, serving as the single point of accountability for threat exposure, intelligence, and incident response while aligning capabilities to business risk and industry frameworks. Own executive reporting, budget planning, and the establishment of clear SLAs and KPIs to ensure a mature, scalable, and effective cybersecurity operations program.
  • People Leadership & Talent Development - Lead, develop, and retain a high‑performing global cybersecurity operations team across CTEM, CTI, and Incident Response, fostering an inclusive, high‑accountability culture that enables collaboration across regions and time zones. Establish clear career pathways, performance management, and succession planning while overseeing staffing models, shift coverage, and on‑call operations across all SOC locations.
  • Executive & Stakeholder Engagement - Act as the primary liaison to the CISO, delivering executive‑ and board‑level insights on security operations, threat posture, and incident response effectiveness. Partner cross‑functionally with architecture, engineering, GRC, legal, and IT teams, and represent CSIRT in audits, regulatory reviews, and customer security engagements.
What we offer
What we offer
  • Work from home up to 2 days/week (depending on your team’s needs)
  • Flex Day: Make your workday suit your life and plans.
  • Flex Location: Take up to 30 days a year to work from any location in the world.
  • Employee Wellbeing: Employee Assistance Program (EAP) for you and your dependents 24/7, 365 days/year
  • Champion Health platform.
  • Professional Development: Access to world-class learning platforms including LinkedIn Learning, Microsoft's Enterprise Skills Initiative, Airport Council International, Pluralsight, Harvard Business Publishing, Stanford and many others.
  • Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.
  • Fulltime
Read More
Arrow Right