Wells Fargo · 5 hours ago
Principal Engineer - Incident Management
Minneapolis, MN
Full-time
Onsite
Senior Level, Lead/Staff
$159K/yr - $305K/yr
7+ years expWells Fargo is seeking a Principal Engineer in Technology as part of Cybersecurity. This role will serve as the technical leader for the enterprise Incident Management function, driving initiatives focused on cyber incident readiness and effective response to threats.
BankingFinancial ServicesFinTechInsurancePayments
No H1B
Responsibilities
Act as an advisor to leadership to develop or influence applications, network, information security, database, operating systems, or web technologies for highly complex business and technical needs across multiple groups
Lead the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas or the enterprise, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, advanced analytical and inductive thinking
Translate advanced technology experience, an in-depth knowledge of the organizations tactical and strategic business objectives, the enterprise technological environment, the organization structure, and strategic technological opportunities and requirements into technical engineering solutions
Provide vision, direction and expertise to leadership on implementing innovative and significant business solutions
Maintain knowledge of industry best practices and new technologies and recommends innovations that enhance operations or provide a competitive advantage to the organization
Strategically engage with all levels of professionals and managers across the enterprise and serve as an expert advisor to leadership
Act as a senior technical advisor to leadership on incident management technologies, event pipelines, case management systems, automation frameworks, and response tooling
Lead the strategy and resolution of highly complex, large-scale incident management challenges requiring advanced analytical, engineering, and operational expertise
Translate deep incident response and cybersecurity knowledge into engineering solutions that improve resiliency, reduce response time, and enhance visibility across the enterprise
Provide vision and direction on implementing next-generation incident response capabilities, including automation, orchestration, AI-enabled triage, and unified situational awareness
Lead end-to-end delivery of complex incident management engineering initiatives spanning operations, engineering, threat intelligence, platform teams, and senior leadership
Define and maintain engineering roadmaps, technical standards, KPIs, operating models, and governance for incident response systems and workflows
Develop and mature the enterprise incident management ecosystem, including case management, collaboration platforms, alert pipelines, knowledge repositories, and forensic/investigation tooling
Ensure aligned governance, cross-team coordination, and risk visibility for incident-related engineering programs
Drive continuous improvement of the incident lifecycle: intake, triage, investigation, escalation, containment, remediation, and post-incident review
Serve as a central escalation point for complex or high-severity incidents, ensuring technical clarity, stakeholder communication, and coordinated response actions
Partner closely with 24x7 SOC/IR teams, threat intel, platform owners, and business units to maintain operational readiness and situational awareness across incident workstreams
Oversee development and refinement of playbooks, runbooks, and automation to standardize and accelerate response
Manage dependencies, risks, and resource allocation across interconnected engineering and response initiatives
Ensure incident management capabilities are aligned with business risk posture, regulatory expectations, and enterprise resiliency objectives
Qualification
Required
7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Proven experience leading complex, multi-team, enterprise-wide programs in highly regulated organizations
Strong knowledge of cybersecurity incident response principles, tooling, and frameworks (e.g., case management systems, SOAR, log pipelines, forensics/investigations, event triage)
Familiarity with SOC/IR functions, threat intelligence, detection engineering, and crisis management
Proficiency with program and project management tools and frameworks (e.g., JIRA, Confluence, Smartsheet, MS Project, SAFe, Agile, Waterfall/Hybrid)
Exceptional communication skills, including executive-level reporting, stakeholder engagement, and risk/issue management
Ability to operate effectively across highly technical and non-technical domains, balancing operational needs with engineering constraints and business priorities
Preferred
Knowledge of enterprise crisis management processes, business continuity, or emergency response coordination
Familiarity with cloud, endpoint, identity, and network security technologies that support incident response
Understanding of NIST 800-61, NIST CSF, MITRE ATT&CK, ISO, FFIEC, or other cybersecurity and regulatory frameworks
Experience with data engineering concepts relevant to incident management: normalization, enrichment, correlation, and workflow automation
Benefits
Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement
Company
Wells Fargo
Wells Fargo & Company is a financial services firm that provides banking, insurance, investments, and mortgage services.
10001+ employees
Funding
Current Stage
Public CompanyTotal Funding
unknown1978-10-06IPO
Leadership Team
Charlie Scharf
CEO
Fernando Rivas
CEO of Corporate & Investment Banking
Recent News
Business – Latest Financial & Stock Market News | New York Post
2026-01-22
FOXBusiness.com
2026-01-22
Company data provided by crunchbase