Find Jobs (Post Jobs)
- Accounting / Finance Jobs (14697)
- Architect / Engineering Jobs (4029)
- Business and Management Jobs (2727)
- Environmental Jobs (14686)
- Government Jobs (190087)
- Health Care Jobs (4771)
- Hospitality Jobs (21581)
- Janitorial Jobs (2457)
- Legal Jobs (12150)
- Nanny Jobs / Babysitting (6)
- Office Jobs (89255)
- Other Jobs (853)
- Retail / Wholesale Jobs (10970)
- Sales Jobs (10970)
- Science (17385)
- Security (3621)
- Skilled Trades / Crafts (4029)
- Transportation Jobs (195)
- Travel / Transportation (501)
Jobs By State
- Alabama (205)
- Alaska (178)
- Arizona (1509)
- Arkansas (118)
- California (73044)
- Colorado (491)
- Connecticut (43)
- Delaware (23)
- Florida (413)
- Georgia (381)
- Hawaii (194)
- Idaho (2801)
- Illinois (222)
- Indiana (168)
- Iowa (94)
- Kansas (148)
- Kentucky (228)
- Louisiana (196)
- Maine (57)
- Maryland (551)
- Massachusetts (182)
- Michigan (232)
- Minnesota (153)
- Mississippi (160)
- Missouri (280)
- Montana (163)
- Nebraska (77)
- Nevada (235)
- New Hampshire (35)
- New Jersey (132)
- New Mexico (329)
- New York (329)
- North Carolina (313)
- North Dakota (91)
- Ohio (236)
- Oklahoma (201)
- Oregon (150)
- Pennsylvania (285)
- Rhode Island (19)
- South Carolina (175)
- South Dakota (128)
- Tennessee (142)
- Texas (804)
- Utah (5452)
- Vermont (43)
- Virginia (756)
- Washington (32241)
- West Virginia (147)
- Wisconsin (118)
- Wyoming (147)
100,000's of Government Jobs
Search Government Jobs
INFO SECURITY ENGINEER 5 - SECURE CODE REVIEW
Job Field: Legal Jobs
Location: SAN FRANCISCO, CA
Salary: $Not stated
Location: SAN FRANCISCO, CA
Salary: $Not stated
JOB SUMMARY:
</tr>
<tr><td valign="top" width="450"><b>NOTE: Minneapolis is the preferred location for this position, however will consider candidates from any U.S. location including telecommute. The Secure Code Review (SCR) team is part of Security Consulting (CIS-C). Security Planning is the process of identifying, documenting, and consulting on specific Information Security threats and vulnerabilities, associated likelihood and impact, and mitigating controls in order to determine an overall risk rating. Results of the assessment are documented in a Security Plan. The results are completed to quantify risk so that we may make an informed decision on whether to accept the risk and/or mitigate the risk where no known (or insufficient) controls exist. SCR s part of this process is to identify and assess risks present in applications using a hybrid static analysis methodology. Specific Duties: The critical skills / competencies required for the position are in-depth knowledge and understanding of computer applications, including various languages (i.e. Java, ASP, .NET, C++, C#, etc.). Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications. The skills to gather relevant information; including environmental characterization, threat identification, vulnerability identification and control analysis. The skills to analyze information; including likelihood determination, impact analysis and risk determination. The skills to prioritize risk responses including control recommendation and documentation. Strong communication (verbal and written), negotiation, problem solving and business line engagement required. Selected individual will successfully comprehend large complex applications written by others from reading code. Handles multiple complex assignments simultaneously. Good communication and writing skills with the ability to talk to both business people and technical people. Should be able to communicate complex subjects in easy-to-understand terms. Stays current with emerging technologies and industry trends.Basic Qualifications: 7+ years of experience in security applications and systems.Minimum Qualifications: 7 years of software development experience Experience with web-based application development 4 years combined experience with J2EE (servlet/JSP) and .NET (C#/VB.Net and ASP.NET) with at least 1 year of each one Experience with relational databases from an application development perspective Application security experience Peer code review experience Knowledge of application security vulnerabilities such as the OWASP Top 10 Ability to handle difficult situations and to provide alternative solutions or workarounds Flexible and creative in helping to find acceptable solutions Experience mentoring othersPreferred Skills: Framework experience (Struts, Spring) Understanding of AJAX and web services Maintenance programming experience CISSP or comparable security certification Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.) Basic understanding of the following protocols/technologies: o SSL/TLS o Cryptography (symmetric and asymmetric encryption, PKI, etc.) Ability to work on multiple complex assignments simultaneously Ability to work alone or in groups Good communication and writing skills with the ability to talk to both business people and technical peopleHow to Express Interest in This Job: Wells Fargo invites you to apply for this job at https://employment.wellsfargo.com/psp/PSEA/APPLICANT_NW/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_HM_PRE&Action=A&SiteID=1&Opening=3673943.WELLS FARGO IS AN AFFIRMATIVE ACTION AND EQUAL OPPORTUNITY EMPLOYER M/F/D/V.
</tr>
<tr><td valign="top" width="450"><b>NOTE: Minneapolis is the preferred location for this position, however will consider candidates from any U.S. location including telecommute. The Secure Code Review (SCR) team is part of Security Consulting (CIS-C). Security Planning is the process of identifying, documenting, and consulting on specific Information Security threats and vulnerabilities, associated likelihood and impact, and mitigating controls in order to determine an overall risk rating. Results of the assessment are documented in a Security Plan. The results are completed to quantify risk so that we may make an informed decision on whether to accept the risk and/or mitigate the risk where no known (or insufficient) controls exist. SCR s part of this process is to identify and assess risks present in applications using a hybrid static analysis methodology. Specific Duties: The critical skills / competencies required for the position are in-depth knowledge and understanding of computer applications, including various languages (i.e. Java, ASP, .NET, C++, C#, etc.). Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications. The skills to gather relevant information; including environmental characterization, threat identification, vulnerability identification and control analysis. The skills to analyze information; including likelihood determination, impact analysis and risk determination. The skills to prioritize risk responses including control recommendation and documentation. Strong communication (verbal and written), negotiation, problem solving and business line engagement required. Selected individual will successfully comprehend large complex applications written by others from reading code. Handles multiple complex assignments simultaneously. Good communication and writing skills with the ability to talk to both business people and technical people. Should be able to communicate complex subjects in easy-to-understand terms. Stays current with emerging technologies and industry trends.Basic Qualifications: 7+ years of experience in security applications and systems.Minimum Qualifications: 7 years of software development experience Experience with web-based application development 4 years combined experience with J2EE (servlet/JSP) and .NET (C#/VB.Net and ASP.NET) with at least 1 year of each one Experience with relational databases from an application development perspective Application security experience Peer code review experience Knowledge of application security vulnerabilities such as the OWASP Top 10 Ability to handle difficult situations and to provide alternative solutions or workarounds Flexible and creative in helping to find acceptable solutions Experience mentoring othersPreferred Skills: Framework experience (Struts, Spring) Understanding of AJAX and web services Maintenance programming experience CISSP or comparable security certification Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.) Basic understanding of the following protocols/technologies: o SSL/TLS o Cryptography (symmetric and asymmetric encryption, PKI, etc.) Ability to work on multiple complex assignments simultaneously Ability to work alone or in groups Good communication and writing skills with the ability to talk to both business people and technical peopleHow to Express Interest in This Job: Wells Fargo invites you to apply for this job at https://employment.wellsfargo.com/psp/PSEA/APPLICANT_NW/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_HM_PRE&Action=A&SiteID=1&Opening=3673943.WELLS FARGO IS AN AFFIRMATIVE ACTION AND EQUAL OPPORTUNITY EMPLOYER M/F/D/V.
KEY REQUIREMENTS:
Not stated
Tips