Information Security Engineering Senior Manager

About this role:

Join an exciting, fast-paced organization working on cutting edge encryption, tokenization and key management technologies, leveraged to protect information companywide. Wells Fargo is seeking a Information Security Engineering Senior Manager to lead and oversee Teams working with hardware security modules (HSMs), security appliances, application encryption and tokenization. This leadership role requires strong Information Technology and Information Security foundational knowledge, as well as experience with and awareness of encryption/tokenization and key management technologies and engineering practices. The ideal candidate for this position will have demonstrated experience leading a team, influencing and collaborating with all levels of leadership, including Executives, in a large Enterprise environment. The role closely partners across Wells Fargo Technology Infrastructure, Cybersecurity and lines of business to drive information protection product delivery, support business priorities and oversees the allocation of people and financial resources to ensure commitments are met and align with strategic objectives

• Manage a team of Information Security Engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications, or endpoint security.
• Engage more experienced information security and line of business management to identify, formulate and implement information security solutions and controls.
• Lead a large, complex information security unit or a number of smaller specialized work units with direct impact to companywide information security objectives having high risk and complexity.
• Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy and standards.
• Set guidelines for compliance and risk management requirements for supported area and work with other stakeholders to implement key risk initiatives.
• Oversee resource allocations to ensure commitments align with strategic objectives.
• Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management and business continuity.
• Maintain a broad awareness of the state of information security across the enterprise and industry.
• Influence change to information security policy, standards and procedures for systems, applications or tools.
• Lead large, companywide projects and initiatives.
• Represent the organization to regulators, industry groups and governmental agencies.
• Interface with Information Security Industry Leaders, Financial industry Leaders, Analysts and Regulators.
• Advise more experienced leadership or executive management on issues with high, critical impact on the company.
• Manage allocation of people and financial resources for Information Security Architecture.
• Develop and guide a culture of talent development to meet business objectives and strategy.

• 10+ years of strategic technology leadership experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 10+ years of experience building, leading, managing, and mentoring high-performance engineering or operations teams.
• 5+ years of experience in a leadership/management role specific to engineering teams working with encryption/key management (e.g. Hardware Security Modules), Public Key Infrastructure (PKI) or related information protection technologies
• 10 + year's Experience with engineering, support and application integration of various HSM vendor products like FutureX, Thales and Atalla HSMs
• 2+ year's experience with Programming / scripting knowledge for automating and integrating cryptographic libraries with HSMs

• Advanced expertise in cryptography and key lifecycle management
• Experience with Application encryption and tokenization product like Opentext Voltage is a plus
• Ability to influence across all organizational levels, particularly senior/executive management
• Knowledge and understanding of leveraging and administering digital certificates, and keys for authentication and encryption.
• Deep knowledge of information security frameworks, standards, and best practices, including NIST and ISO guidelines for encryption and automated resilience.
• Familiarity with compliance standards such as FIPS 140-2, PCI DSS and Common Criteria
• Proficiency with monitoring and data analysis tools like Splunk and Elasticsearch for encryption-related security event detection and performance tracking.
• Knowledge of synthetic transaction monitoring tools to ensure the reliability and availability of critical systems.
• Experience in designing and implementing self-healing systems, including automated recovery and fault-tolerant solutions.
• Strong vendor management skills, including evaluating, onboarding, and collaborating with vendors for encryption tools and automated recovery solutions.
• Exceptional ability to communicate complex technical concepts to a wide range of audiences, including executives.
• Knowledge of cloud-based HSM solutions and hybrid deployments (on-premises and cloud)
• Familiarity with risk assessment, incident response planning, and audit processes for HSM governance
• 3+ years experience with Agile practices and frameworks such as SCRUM and KANBAN as well as Confluence and JIRA toolsets.

• Ability to travel up to 10% of the time.
• Hybrid work schedule requires onsite presence (3 days / week).

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement