About this role:
Wells Fargo is seeking a Senior Information Security Analyst to serve as a hands-on technical contributor focused on cryptographic controls, automation, and remediation execution.
In this role, you will:
Provide information security consultation to improve awareness and compliance with Enterprise Information Security policy, processes and standards
Perform remediation of security assessment review issues, complex ad hoc data, and reporting to support information security risk management
Provide guidance and direction in reviewing assessment findings and mitigating controls to optimize information security
Identify and direct information asset portfolio reconciliations and certifications
Provide advanced data aggregation and data of information security risk exposure
Develop and deliver Information Security Education Awareness and Training in accordance with the Enterprise Information Security Program standards
Review draft and proposed control standards for business impact and recommend modifications or clarifications as required
Conduct security control testing and consultation with stakeholders
Evaluate and interpret internal and Enterprise Information Security policies, processes and standards, and provide recommendations to improve them
Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
Interact with internal customers
Serve as a mentor to less experienced staff
Required Qualifications:
4+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Desired Qualifications:
Experience in information security, cryptography, cybersecurity engineering, or control execution
Strong understanding of cryptographic concepts including PKI, digital certificates, encryption, and key management lifecycle controls
Experience with vulnerability and certificate scanning tools such as Qualys and Venafi
Experience with endpoint or infrastructure scanning platforms such as Tanium
Strong hands-on experience with Python, SQL, and API integration for automation and data processing
Experience using ServiceNow or similar platforms for remediation tracking, workflow orchestration, and ticket management
Ability to analyze large datasets, identify root causes, and drive remediation of complex security issues
Strong troubleshooting skills across cryptographic implementations, system configurations, and data sources
Understanding of security policies, control requirements, and governance expectations related to cryptographic controls
Experience with enterprise certificate lifecycle management and PKI governance processes
Experience building automated workflows for vulnerability detection, remediation tracking, and reporting
Experience integrating security platforms and consolidating data across systems of record
Experience with data visualization or reporting tools to support risk and control transparency
Familiarity with SDLC integration and embedding security controls into development workflows
Experience supporting audit, evidence generation, and control validation activities
Demonstrated ability to design scalable solutions that improve control consistency and reduce manual effort
Job Expectations:
Specializes in digital certificates, Public Key Infrastructure (PKI), encryption key management, and data protection controls across data at rest and in transit.
Analyze large-scale security datasets to identify non-compliant cryptographic implementations, troubleshoot configuration issues, and drive remediation across enterprise platforms such as Qualys, Venafi, Tanium, and ServiceNow. This role will design and implement automation solutions using Python, SQL, and APIs to improve visibility, reduce manual analysis, and enable scalable enforcement of cryptographic standards.
In addition to technical execution, integrate policy-aligned cryptographic baselines into workflows and SDLC processes, ensuring consistent, measurable control implementation aligned to enterprise policy requirements for certificate management and key lifecycle controls.
Analyze and interpret security data to identify cryptographic vulnerabilities, non-adherence, and configuration gaps across enterprise platforms
Drive remediation of non-compliant digital certificates, encryption configurations, and key management practices in alignment with policy and control requirements
Build automation solutions using Python, SQL, and APIs to streamline data ingestion, analysis, and remediation tracking
Integrate cryptographic controls into automated workflows and SDLC processes to ensure consistent application of standards
Leverage enterprise tools including Qualys, Venafi, Tanium, and ServiceNow to manage detection, tracking, and remediation of cryptographic issues
Design scalable, end-to-end solutions to improve visibility into cryptographic risk and control effectiveness
Support certificate lifecycle management activities, including discovery, validation, renewal, and removal of non-adherent certificates
Troubleshoot PKI-related issues, certificate misconfigurations, and key management lifecycle gaps
Partner with application and infrastructure teams to provide guidance, resolve issues, and accelerate remediation timelines
Communicate findings, risk impacts, and remediation priorities to stakeholders to enable informed decision-making
Posting End Date:
21 Jul 2026
*Job posting may come down early due to volume of applicants.
We Value Equal Opportunity
Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Applicants with Disabilities
To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo.
Drug and Alcohol Policy
Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.
Wells Fargo Recruitment and Hiring Requirements:
a. Third-Party recordings are prohibited unless authorized by Wells Fargo.
b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.