Senior Manager, Digital Forensics & Threat Hunting R.A.P.T.O.R

About this role:

Wells Fargo is seeking an Information Security Engineering Senior Manager in Technology as part of Cybersecurity. Learn more about the career areas and lines of business at wellsfargojobs.com.

We are seeking a dynamic Senior Manager to lead and mature our global Incident Response and Threat Hunting programs within our R.A.P.T.O.R (Reconnaissance Analysis and Pursuit for Threat Operations and Response) Team. This role demands deep technical expertise in cyber defense, advanced threat detection, and security architecture, combined with proven leadership in building, mentoring, and scaling high-performing teams. The Senior Manager will drive strategic initiatives, oversee complex investigations, and collaborate cross-functionally to ensure enterprise resilience against sophisticated cyber threats.

This position can be hired remotely.

In this role, you will:

• Manage a team, through less experienced managers, of Information Security Engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications, or endpoint security
• Engage more experienced information security and line of business management to identify, formulate and implement information security solutions and controls
• Lead a large, complex information security unit or a number of smaller specialized work units with direct impact to companywide information security objectives having high risk and complexity
• Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy and standards
• Set guidelines for compliance and risk management requirements for supported area and work with other stakeholders to implement key risk initiatives
• Oversee resource allocations to ensure commitments align with strategic objectives
• Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management and business continuity
• Maintain a broad awareness of the state of information security across the enterprise and industry
• Influence change to information security policy, standards and procedures for systems, applications or tools
• Lead large, companywide projects and initiatives
• Represent the organization to regulators, industry groups and governmental agencies
• Interface with Information Security Industry Leaders, Financial industry Leaders, Analysts and Regulators
• Advise more experienced leadership or executive management on issues with high, critical impact on the company
• Manage allocation of people and financial resources for Information Security Architecture
• Develop and guide a culture of talent development to meet business objectives and strategy

Key Responsibilities

• Program Leadership & Strategy
  • Architect and continuously improve enterprise-wide incident response and threat hunting programs, aligning methodologies with frameworks such as MITRE ATT&CK.
  • Develop and enforce standardized playbooks, workflows, and KPI-driven metrics for incident response and threat hunting operations. Review and realign current methodologies.
  • Lead the design and delivery of executive-level tabletop exercises and technical workshops to enhance organizational cyber resilience.
• Team Management & Mentorship
  • Build, mentor, and manage teams of senior incident responders, and threat hunters.
  • Deliver advanced training curricula covering adversary TTP analysis, hypothesis-driven hunting, log analysis, and custom detection engineering.
  • Foster a culture of continuous improvement, technical excellence, and proactive threat identification.
• Technical Oversight
  • Oversee end-to-end incident response for cloud and on-premises environments, ensuring rapid identification, containment, and remediation of advanced threats.
  • Direct the development and optimization of custom threat detection logic, hunting queries, and automated workflows across SIEM and EDR platforms.
  • Integrate threat intelligence and behavioral analytics to improve detection efficiency and reduce false positives.
• Cross-Functional Collaboration
  • Partner with legal, compliance, and executive leadership to manage post-incident reporting, regulatory compliance, and external threat intelligence sharing.
  • Advise stakeholders on strategic threat intelligence, attack surface reduction, and emerging threats.
  • Assist with vulnerability assessments, penetration testing, and defense-in-depth strategies for critical infrastructure and business operations.
• Operational Excellence
  • Orchestrate full-lifecycle investigations into APTs, ransomware, and insider threats, leveraging forensic tools and threat intelligence platforms.
  • Conduct root cause analysis and deliver actionable recommendations to prevent recurrence and strengthen enterprise security posture.
  • Work with SIEM platform teams to better enrich visibility of our global network and endpoints.

Required Qualifications:

• 6+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of management or leadership experience
• Demonstrated expertise in SIEM/EDR platforms, forensic analysis, and threat intelligence integration.

Desired Qualifications:

• Patent holder or published author in cybersecurity methodologies.
• Experience with cloud security, IoT, and industrial control systems.
• Strong communication, leadership, and stakeholder management skills.
• Bachelor's Degree in Computer Information Systems, Cybersecurity, or related field.
• Advanced certifications: CISSP, CISM, GCFA, OSWP, CREA.
• Proven track record in developing and scaling security programs, training teams, and leading high-impact investigations.
• Experience with regulatory compliance, post-incident reporting, and executive communications.

Pay Range

Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates.

Posting End Date:

* Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.