Job Specifications
Job Summary
Client is seeking an experienced Lead Information Security Engineer (Information security Engineer 4 - Contingent) to join our Cloud Workload Lifecycle Security (CWLS) team, within the Cybersecurity – Vulnerability & Patch Management organization. Be a part of one of the core teams working on Wells Fargo's digital transformation; join our dynamic, diverse, fast-paced team environment where we secure and reduce risk for our Enterprise cloud migration. The Information security Engineer 4 – Contingent – Findings Management Engineer will support the WF migration from Prisma Cloud Enterprise to the Wiz CNAPP (Cloud Native Application Protection Platform) tool, with specific focus on Alerts/Findings generated by both the Cloud Workload Protection Platform (CWPP) and Cloud Security Posture Management (CSPM) modules of the Wiz product. This area of our team specializes in Findings Management for Public Cloud configuration drift and misconfiguration detection, as well as compliance & vulnerability scanning Findings follows-up for containers/Kubernetes environments. Findings management requires working with engineering and app partners companywide as our team empowers/enables partners to remediate risk across our Public & Private cloud environments.
Key Responsibilities
Actively support and perform “hands-on” technical and engineering work with the Wiz product, with a focus on Findings Management
Define/operationalize alerts in Wiz
Perform engineering related to Alerts/Findings data analysis and engineering of reporting processes and visualization dashboards (e.g. PowerBI, Tableau)
Design/develop automation & utility scripts to make team processes more efficient
Build Python pipelines to download, merge, enrich, and analyze Wiz, cloud, and security datasets
Collaborate with partners to support the remediation or “burn down” of alerts/findings in Wiz, as well as participating in related analysis work required for the automation of alerts/findings remediation.
Provide professional expertise relating to Application Lifecycle Security and resolving application vulnerabilities or compliance issues detected via Wiz
Be a motivated self-starter quick to adapt and stay focused on delivering results in a fast-paced environment with aggressive deadlines.
Share your Wiz expertise and knowledge with teammates, while completing assigned duties.
Required Skills
5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
2+ years of experience with and strong understanding of Azure and Google public cloud – platforms, services, configurations, workloads, and hardening practices
1+ years of experience with Wiz or a similar cloud security or “CNAPP” product
1+ years of experience with scripting/automation languages such as Python, Bash, Terraform and/or PowerShell
1+ year of experience delivering integration between cloud security tools and other enterprise tools such as Splunk Cloud and ServiceNow
1+ year experience with data visualization/reporting tools such as PowerBI, Tableau or similar technologies
Solid understanding of Identity & Access Management, as well as Information Protection concepts as they apply to monitoring and responding to related alerts/findings
Strong verbal and written communication skills
Proven ability to work independently, as well as having strong interpersonal skills to work effectively within a Team and with partners
Strong analytical skills, proven critical thinking capabilities and ability to solve complex problems with minimal direct oversight
Intermediate to advanced experience working with Microsoft Office products (e.g. Word, Excel, PowerPoint, Visio, Outlook, MS Teams, SharePoint)
Ability to handle multiple, high priority deliverables concurrently
Ability to communicate confidentially, professionally, and effectively, in both written and verbal formats, with stakeholders and partners
1+ year experience working on teams practicing Agile Scrum or Kanban methodologies
Plusses
Experience supporting Cloud implementation/migrations and/or Cloud Security engineering and/or operations
Experience with databases such as MongoDB or similar
Experience with Microsoft Defender, Google Security Command Center, Aqua Security, Microsoft Sentinel or HashiCorp Sentinel
Experience with change and incident management practices in large enterprises
Understanding of information security threats, trends and industry best practices and security tools
Finance sector security experience or other regulated industry (e.g., utilities, health care, government)
Familiarity with various cloud security and related risk frameworks (Cloud Security Alliance (CSA), CIS, NIST, etc.)
Security certifications such as Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or equivalent, CISA, CISM, CISSP, CRISC, CCSK
Microsoft Azure and/or
About the Company
Innoventrics is a global technology solutions company with a strong presence in India USA and the Canada, empowering organizations in IT and Healthcare to innovate, scale, and transform digitally. We blend deep industry knowledge with next-gen technologies to help businesses stay ahead in a rapidly evolving digital world. • – Modernizing IT systems with cloud, automation, and AI-driven innovation. • – Enhancing patient care, data management, and interoperability. • – Building scalable, secure, and user-centric digital...
Know more