Lead Information Security Engineer (contract)

Wells Fargo
Irving, United States of America
31 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Irving, United States of America

Tech stack

Agile Methodologies
Azure
Cloud Computing
Cloud Computing Security
Cloud Database
Computer Security
Continuous Integration
Data Mining
Query Languages
Github
Information Security Management
Python
Microsoft Office
Scrum
Policy as Code
Data Logging
Google Cloud Platform
Infrastructure as Code (IaC)
Gitlab-ci
Kubernetes
Deployment Automation
Cloud Migration
Api Design
REST
Terraform
Prisma Cloud Platform
Devsecops
Jenkins

Job description

We are seeking a highly skilled Lead Information Security Engineer to join the Cloud Workload Lifecycle Security (CWLS) - Posture Management Engineering team. This role plays a critical part in securing the enterprise's cloud transformation by designing, engineering, and supporting cloud security posture management (CSPM) solutions.

The position will focus on leading the migration from Palo Alto Prisma Cloud Enterprise to Wiz CNAPP, with deep specialization in Cloud Security Posture Management (CSPM) capabilities. The engineer will drive policy-as-code innovation, automate detection of cloud misconfigurations and configuration drift, and enable scalable integrations across enterprise security platforms.

This is a fast-paced, highly collaborative environment supporting a distributed global team., * Lead engineering efforts supporting the migration from Prisma Cloud Enterprise to Wiz CNAPP (CSPM module)

  • Develop and enhance Policy-as-Code (PaC) frameworks using Rego, including semi-automation capabilities for scalable policy creation
  • Serve as Subject Matter Expert (SME) for Wiz CSPM features, roadmap, and best practices
  • Design and optimize security detections for:
  • Public cloud misconfigurations
  • Configuration drift detection
  • On-demand scanning (including IDE integrations for developers)
  • Translate security requirements into effective Rego policies
  • Build and maintain integrations for logging, findings delivery, and partner systems
  • Utilize REST APIs for data extraction, transformation, and automation workflows
  • Collaborate closely with engineering teams, partners, and vendors
  • Lead technical discussions and design scalable cloud security solutions
  • Troubleshoot and resolve Wiz CSPM escalations and production issues
  • Contribute to internal code repositories, improving quality and automation
  • Create clear, comprehensive documentation for all solutions
  • Train and mentor team members on PaC automation frameworks
  • Operate effectively in an Agile (Scrum/Kanban) environment
  • Manage multiple high-priority initiatives with minimal oversight

Requirements

Do you have experience in DevOps automation?, * Applicants must be authorized to work for ANY employer in the U.S. This position is not eligible for visa sponsorship.

  • Demonstrated experience in Information Security Engineering or equivalent
  • Strong experience with Terraform and automation frameworks
  • Practical experience and strong understanding of Azure and Google Cloud (GCP) platforms, services, configurations, workloads, and hardening practices
  • Experience with Rego and/or Resource Query Language (RQL)
  • Experience working with REST APIs for data extraction, transformation, and integration
  • Advanced experience with Python programming and automation
  • Familiarity with CI/CD tools (GitHub Actions, Jenkins, GitLab CI, Azure DevOps)
  • Strong analytical, problem-solving, and critical thinking abilities
  • Ability to work independently and collaboratively across distributed teams
  • Strong communication skills (written and verbal)
  • Experience working in an Agile delivery environment
  • Proficiency with Microsoft Office tools
  • Ability to manage multiple, high-priority deliverables concurrently
  • Hands-on experience with Wiz CNAPP (CSPM) (preferred)
  • Advanced experience with Rego policy automation (preferred)
  • Strong understanding of DevSecOps practices and cloud automation
  • Expertise in API-driven policy creation and automation
  • Experience with Infrastructure as Code (IaC) and Policy as Code (PaC)
  • Knowledge of automated testing frameworks
  • Experience with Kubernetes platforms (AKS, GKE, OCP preferred)
  • Familiarity with cloud security frameworks:
  • CSA, CIS, NIST
  • Experience with enterprise change and incident management processes
  • Relevant certifications such as:
  • CISSP, CISM, CISA, CRISC, CCSK, GIAC
  • Azure and/or Google Cloud certifications

Benefits & conditions

3.63.6 out of 5 stars 401 East Las Colinas Boulevard, Irving, TX Contract, Pulled from the full job description

  • 401(k)
  • Life insurance

Apply for this position