Wells Fargo

Cyber Defense Principal Engineer

Wells Fargo

full-time

Posted on:

Location Type: Hybrid

Location: CharlotteArizonaMinnesotaUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $159,000 - $305,000 per year

Job Level

Lead

Tech Stack

AWSAzureCloudGoogle Cloud PlatformPythonSplunk

About the role

  • Engineer and optimize enterprise detection and response platforms (SIEM, SOAR, EDR, NDR, cloud‑native tools) to improve coverage, resilience, and time‑to‑detect/respond.
  • Develop high‑quality detections leveraging threat models, behavior analytics, MITRE ATT&CK, and intelligence‑driven TTPs—balancing fidelity with operational efficiency.
  • Build automated response playbooks and investigation tooling to streamline SOC/IR workflows and reduce MTTD/MTTR.
  • Strengthen telemetry pipelines (onboarding, normalization, enrichment, schema governance, retention) for critical systems, identity providers, and cloud services.
  • Operationalize threat intelligence by translating IOCs/TTPs into actionable detections and mitigations; prioritize emerging risks.
  • Serve as a technical escalation point during major incidents, guiding log analysis, forensics, containment, and recovery efforts.
  • Partner closely with Cloud, Infrastructure, IAM, DevSecOps, and Application Security to embed controls and ensure defense‑in‑depth across the stack.
  • Lead evaluations and POCs of new technologies; drive continuous improvement of risk‑based metrics and reporting.
  • Mentor engineers and contribute to engineering standards, runbooks, and best practices.

Requirements

  • 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 5+ years in Cyber Defense, Detection Engineering, or Security Operations.
  • 5+ years of experience in SIEM/SOAR platforms (e.g., Splunk, Azure Sentinel, Elastic) and analytics pipelines.
  • 5+ years of experience in cloud security (Azure, AWS, GCP), endpoint and network telemetry, and identity security logging.
  • 3+ years of experience in MITRE ATT&CK, threat hunting, adversary emulation, and behavior‑based detections.
  • 3 years in Python, PowerShell, or Bash for automation and tooling.
Benefits
  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
detection engineeringcyber defensethreat huntingbehavior analyticsautomationlog analysisforensicsincident responsePythonPowerShell
Soft Skills
mentoringleadershipcollaborationcommunicationproblem-solving