Lead Security Encryption Engineer

Title: Lead Security Encryption Engineer

Wells Fargo is back in the office collaborating for fabulous outcomes.

This role is in the office three days a week and a hybrid position.

There is no Visa Sponsorship or Visa Transfers for this role.

Join a high-impact security engineering team at the forefront of enterprise cryptography, where you’ll design, build, and scale critical encryption and key management solutions that protect some of the organization’s most sensitive data. This role is ideal for a hands-on security engineer with deep expertise in cryptographic protocols, HSMs, and modern data protection technologies, who thrives in complex, large-scale environments. You’ll work across Linux, Windows, and automation frameworks to harden systems, optimize performance, and drive secure architecture forward—while partnering with engineering and operations teams to deliver resilient, scalable solutions. If you’re passionate about encryption, key management, and solving sophisticated security challenges in a fast-paced enterprise setting, this is a role where your expertise will directly shape the organization’s security posture.

This role will actively mentor and develop team members by providing technical guidance, sharing best practices, and fostering a culture of continuous learning and security excellence.

Required Qualifications:

• 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.

• 5+ years of intermediate to advanced level experience with scripting/automation using tools such as: Bash, PowerShell, Python, Ansible, VBScript, or JavaScript, UI path, etc.

• 5+ years of Unix/Linux/Windows Systems Administration experience with in-depth knowledge of troubleshooting, OS hardening and OS tuning.

• 5+ years of experience with encryption or tokenization technologies.

• 3+ years of experience performing builds, administration and/or support of hardware security modules or security appliance devices.

• Advanced Knowledge of Cryptographic protocols & algorithms.

• Knowledge and understanding of Cryptographic Technologies and Key Management

• Experience with Thales CipherTrust Key Manager and CipherTrust Transparent Encryption (CTE).

• Understanding of (format preserving encryption) FPE, tokenization and TDE (transparent data encryption)

• Knowledge and understanding of implementing infrastructure upgrades, security patches, version upgrades for systems, appliances and HSM’s

• Experience with Agile Scrum or Kanban methodologies.

• Experience with application support in Linux and Windows server environments.

• Proven experience with change and incident management practices in medium to large enterprise environments.

Desired Qualifications:

• Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment.

• Experience performing technical product assessments, including development of implementation plans, in a large enterprise.

• Experience mentoring/guiding less experienced staff.

• Strong analytical skills with high attention to detail and accuracy.

• Advanced critical thinking, problem solving and technical troubleshooting abilities.

• Security certifications such as CISSP, GIAC or equivalent.

• Cloud certifications such as AZ-900, MS-900 or equivalent/higher.

• Knowledge and understanding of implementing infrastructure upgrades, security patches, or version upgrades.

• Experience designing, developing and implementing synthetic transactions for the monitoring of applications and/or infrastructure.

• Experience with Puppet/Chef/Ansible or similar automation tools.

• Knowledge and understanding of banking or the financial services industry.

• Ability to coordinate completion of multiple tasks and meet aggressive time frames.

Posting End Date:

4 Jun 2026

*Job posting may come down early due to volume of applicants.

We Value Equal Opportunity

Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Applicants with Disabilities

To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo ( .

Drug and Alcohol Policy

Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy ( to learn more.

Wells Fargo Recruitment and Hiring Requirements:

a. Third-Party recordings are prohibited unless authorized by Wells Fargo.

b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

Req Number: R-546105