Wells Fargo

Threat Detection Principal Engineer

full-time

Location Type: Hybrid

Location: Iselin, Arizona, California, United States

Salary

💰 $159,000 - $305,000 per year

About the role

  • Act as a trusted advisor to leadership on threat detection strategy and platform architecture.
  • Lead resolution of complex detection engineering challenges across multiple security platforms.
  • Translate threat intelligence and business risk into actionable detection use cases.
  • Maintain deep knowledge of adversary tradecraft, detection methodologies, and security analytics.
  • Drive innovation and continuous improvement across threat detection operations.
  • Serve as the Principal Engineer (SME) for threat detection across Splunk, CrowdStrike, and Microsoft Defender platforms.
  • Lead the design and implementation of scalable detection logic and alerting frameworks aligned to MITRE ATT&CK techniques.
  • Develop and maintain threat detection content to identify adversarial behaviors and emerging TTPs.
  • Collaborate with threat intelligence, incident response, and SOC teams to ensure detection coverage and response readiness.
  • Drive automation and enrichment of detection pipelines using scripting and orchestration tools.
  • Provide technical oversight and mentorship to detection engineering teams.
  • Evaluate emerging threats and technologies to continuously improve detection capabilities.
  • Interface with executive leadership to align detection strategy with business priorities and risk posture.

Requirements

  • 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • + years of hands-on experience with Splunk, including SPL development and detection engineering.
  • 3+ years of experience with CrowdStrike Falcon and Microsoft Defender for Endpoint.
  • Deep understanding of MITRE ATT&CK framework and threat actor TTPs.
  • Proven experience developing and tuning detection content in large-scale enterprise environments.
  • Strong scripting skills (e.g., Python, PowerShell) and familiarity with automation tools.

Benefits

  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SPL development, detection engineering, scripting, Python, PowerShell, automation tools, detection content development, alerting frameworks, security analytics, threat detection
Soft Skills
trusted advisor, leadership, collaboration, mentorship, innovation, continuous improvement, technical oversight, communication, problem-solving, strategic alignment