Senior Information Security Engineer - Micro-segmentation

Wells Fargo is back in the office collaborating for fabulous outcomes!
This role is a hybrid position and in three days a week in the office.
There is no visa sponsorship or visa transfers for this position.
About this role:
Wells Fargo is seeking a Micro-segmentation Senior Information Security Engineer.
We are looking for a solid security engineer with a technical foundation in firewalls and traffic segmentation.
Ideal candidates would have hands on segmentation experience with Illumio and at least one of: Guardicore (Akamai), VMware NSX-T, Cisco Secure Workload, or Kubernetes-native (Calico/Cilium, NetworkPolicies) including policy simulation/shadow testing and staged rollouts.
Hands-on segmentation in hybrid environments (on-prem + AWS/Azure/GCP), including Azure ASG/NSG or AWS SG patterns, and Kubernetes/Service Mesh (NetworkPolicies, mTLS, Istio/Envoy) for east-west traffic would be highly desirable.
Scripting is a talent of yours and you like the challenge of building reliable automations using Python/PowerShell, Terraform/Ansible, and ServiceNow IntegrationHub with OAuth2/OIDC-secured APIs, version control (Git/GitHub), CI/CD, and policy-as-code workflows (idempotent, retry-safe).
Security is top of mind for you and you are able to implement identity- and risk-aware policies by integrating CMDB labels, workload identities, and EDR/PAM context to enforce Zero Trust segmentation
In this role, you will:

• Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to Micro-Segmentation
• Implement requirements and engage teams to create automation / orchestration for the enterprise's Micro-Segmentation solution
• Help identify new tools and/or features to strengthen enterprise Micro-Segmentation capabilities
• Serve as a POC for enterprise Micro-Segmentation deployment
• Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security.
• Collaborate and provide influence with all members of the microsegmentation team
• Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams.

Required Qualifications:

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

• Experience with Micro-Segmentation security solutions including policy management
• Experience with scripting
• Strong understanding of APIs and proficiency in working with JSON, including the ability to interpret, construct, and troubleshoot queries and payloads in support of automation and integration efforts
• Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium.
• Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels).
• Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper.
• Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD; ServiceNow IntegrationHub.
• Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic; KQL/SPL).
• Understanding of NIST 800 207 Zero Trust and mapping to NIST/CIS controls.
• Experience designing policy simulation/shadow testing and staged rollouts with measurable KPIs.
• Excellent technical documentation skills
• Experience with Service Now, Jira or similar systems.

Job Expectations:

• Willingness and Ability to work off hours and occasional weekends to support change activities
• Participation in on call shift