Threat Detection Principal Engineer jobs in United States

Wells Fargo · 2 days ago

Threat Detection Principal Engineer

Wells Fargo is seeking a Principal Engineer in Technology as part of Cybersecurity. This role will serve as the senior technical authority for threat detection engineering, focusing on leveraging various platforms to identify and mitigate advanced threats.

Banking, Financial Services, FinTech, Insurance, Payments
H1B Sponsor Likely

Responsibilities

Act as a trusted advisor to leadership on threat detection strategy and platform architecture
Lead resolution of complex detection engineering challenges across multiple security platforms
Translate threat intelligence and business risk into actionable detection use cases
Maintain deep knowledge of adversary tradecraft, detection methodologies, and security analytics
Drive innovation and continuous improvement across threat detection operations
Serve as the Principal Engineer (SME) for threat detection across Splunk, CrowdStrike, and Microsoft Defender platforms
Lead the design and implementation of scalable detection logic and alerting frameworks aligned to MITRE ATT&CK techniques
Develop and maintain threat detection content to identify adversarial behaviors and emerging TTPs
Collaborate with threat intelligence, incident response, and SOC teams to ensure detection coverage and response readiness
Drive automation and enrichment of detection pipelines using scripting and orchestration tools
Provide technical oversight and mentorship to detection engineering teams
Evaluate emerging threats and technologies to continuously improve detection capabilities
Interface with executive leadership to align detection strategy with business priorities and risk posture

Qualification

Splunk, CrowdStrike, Microsoft Defender, MITRE ATT&CK, Scripting skills, Detection content development, Automation tools, Regulated industry experience, Threat intelligence integration, Technical communication

Required

7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
+ years of hands-on experience with Splunk, including SPL development and detection engineering
3+ years of experience with CrowdStrike Falcon and Microsoft Defender for Endpoint
Deep understanding of MITRE ATT&CK framework and threat actor TTPs
Proven experience developing and tuning detection content in large-scale enterprise environments
Strong scripting skills (e.g., Python, PowerShell) and familiarity with automation tools

Preferred

Certifications such as Splunk Certified Architect, CrowdStrike Certified Falcon Administrator, or Microsoft SC-200
Experience integrating detection platforms with SOAR and threat intelligence feeds
Familiarity with cloud-native security tools and telemetry (AWS, Azure, GCP)
Ability to communicate technical concepts to non-technical stakeholders
Experience working in regulated industries such as finance or healthcare

Benefits

Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement

Company

Wells Fargo

Wells Fargo & Company is a financial services firm that provides banking, insurance, investments, and mortgage services.

H1B Sponsorship

Wells Fargo has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
[Chart: Trends of Total Sponsorships; 2022 (1)]

Funding

Current Stage: Public Company
Total Funding: unknown
1978-10-06: IPO

Leadership Team

Charlie Scharf, CEO
Fernando Rivas, CEO of Corporate & Investment Banking
Company data provided by crunchbase