Senior Information Security Engineer - Firewall Micro-segmentation

Wells Fargo
Chandler, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Chandler, United States of America

Tech stack

API
Amazon Web Services (AWS)
JIRA
Azure
Configuration Management Databases
Computer Security
Continuous Integration
Github
JSON
Python
NetFlow
Network Segmentation
OAuth
OpenID
Powershell
Ansible
Akamai
Kusto Query Language
Zero Trust Network Access
Security Information and Event Management
Policy as Code
Scripting (Bash/Python/Go/Ruby)
Istio
HybridCloud
Firewalls (Computer Science)
Kubernetes
CIS Benchmarks
Terraform
Splunk
Software Version Control
Cisco networks
ServiceNow
VMware

Job description

  • Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to Micro-Segmentation
  • Implement requirements and engage teams to create automation / orchestration for the enterprise's Micro-Segmentation solution
  • Help identify new tools and/or features to strengthen enterprise Micro-Segmentation capabilities
  • Serve as a POC for enterprise Micro-Segmentation deployment
  • Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security.
  • Collaborate and provide influence with all members of the microsegmentation team
  • Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams.

Requirements

Do you have experience in Zero Trust architecture design? We are looking for a solid security engineer with a technical foundation in firewalls and traffic segmentation.

Ideal candidates would have hands-on segmentation experience with Illumio and at least one of: Guardicore (Akamai), VMware NSX-T, Cisco Secure Workload, or Kubernetes-native (Calico/Cilium, NetworkPolicies), including policy simulation/shadow testing and staged rollouts.

Hands-on segmentation in hybrid environments (on-prem + AWS/Azure/GCP), including Azure ASG/NSG or AWS SG patterns, and Kubernetes/Service Mesh (NetworkPolicies, mTLS, Istio/Envoy) for east-west traffic would be highly desirable.

Scripting is a talent of yours and you like the challenge of building reliable automations using Python/PowerShell, Terraform/Ansible, and ServiceNow IntegrationHub with OAuth2/OIDC-secured APIs, version control (Git/GitHub), CI/CD, and policy-as-code workflows (idempotent, retry-safe).

Security is top of mind for you and you are able to implement identity- and risk-aware policies by integrating CMDB labels, workload identities, and EDR/PAM context to enforce Zero Trust segmentation.

  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Experience with Micro-Segmentation security solutions including policy management
  • Experience with scripting
  • Strong understanding of APIs and proficiency in working with JSON, including the ability to interpret, construct, and troubleshoot queries and payloads in support of automation and integration efforts
  • Experience with one or more: Guardicore (Akamai), VMware NSX-T, Cisco Secure Workload, Calico/Cilium.
  • Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels).
  • Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper.
  • Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD; ServiceNow IntegrationHub.
  • Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL).
  • Understanding of NIST 800-207 Zero Trust and mapping to NIST/CIS controls.
  • Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs.
  • Excellent technical documentation skills
  • Experience with ServiceNow, Jira or similar systems.

Benefits & conditions

  • Willingness and Ability to work off hours and occasional weekends to support change activities
  • Participation in on call shift

Posting End Date:

12 Jul 2026

  • Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.
