Title: Microsegmentation Engineer
Location: 401 W Las Colinas Blvd Irving, TX
Alternate Locations: Charlotte, NC or Chandler, AZ
Duration: 18 months
Work Engagement: W2
Work Schedule: 3 days in office/2 days remote
Benefits on offer for this contract position: Health Insurance, Life insurance, 401K and Voluntary Benefits
Summary:
We are seeking a Zero Trust / Micro-Segmentation Engineer to advance our enterprise segmentation strategy across hybrid environments. This role is responsible for delivering secure, scalable, and auditable traffic visibility and enforcement, ensuring strong protection against lateral movement while maintaining operational stability.
You will play a key role in driving Zero Trust adoption, managing segmentation platforms (e.g., Illumio or similar), and partnering across engineering, security, and operations teams to enable safe policy enforcement at enterprise scale.
Responsibilities:
Platform Operations & Engineering
Operate and mature a micro-segmentation platform (Illumio or equivalent SaaS-based solution)
Manage agent lifecycle (e.g., VEN or equivalent) across:
Windows
Linux
Future platforms (e.g., AIX)
Support onboarding, migrations, and large-scale deployment efforts
Segmentation Design & Enforcement
Design and implement least-privilege segmentation policies
Transition safely from visibility mode to enforcement
Prevent east-west (lateral) movement within environments while complementing north-south controls (firewalls/WAF)
Apply workload labeling and policy modeling best practices
Traffic & Telemetry Analysis
Analyze traffic flow telemetry to validate policy accuracy and system health
Use SIEM tools (e.g., Splunk preferred) for:
Baseline analysis
Time-based investigations
Distribution and anomaly detection
Troubleshoot telemetry ingestion pipelines and identify gaps or delays
Incident Response & Vendor Management
Lead incident response and escalation with segmentation platform vendors
Partner with vendor engineering teams during:
Platform outages
Capacity/scaling events
Data integrity concerns
Cross-Functional Collaboration
Work with Network Engineering, NOC/NMC, Security, and Application teams
Coordinate change management and production deployments
Communicate risks, impacts, and recommendations clearly across technical and business stakeholders
Governance & Standards
Develop and maintain segmentation standards, baselines, and governance controls
Ensure policies align with audit, compliance, and risk requirements
Support certification of controls for critical systems (e.g., payment or regulated applications)
Qualifications:
Micro-Segmentation & Zero Trust
Hands-on experience with workload-level segmentation and lateral movement prevention
Proven ability to deploy and enforce policies safely in production environments
Platform Experience
Experience with Illumio or equivalent segmentation platforms
Understanding of:
Agents (e.g., VEN)
SaaS policy engines
Enforcement modes and migration strategies
Comfortable engaging directly with vendor support/engineering teams
Traffic Analysis & SIEM
Strong experience using SIEM tools (Splunk preferred)
Deep understanding of telemetry pipelines and event ingestion
Ability to distinguish between policy issues vs. platform constraints
Infrastructure & Systems
Strong fundamentals in:
Linux and Windows server environments
Network flows and application dependencies
Understanding of:
East/West vs. North/South traffic patterns
Operational Maturity
Experience with incident response and change management
Ability to pause or delay enforcement when validation data is insufficient
Communication Skills
Ability to translate technical concepts into business and executive-level insights
Strong collaboration and influencing skills across teams and vendors
Technical Foundations
~3+ years of experience in:
Network engineering / firewall engineering / security engineering
Exposure to:
Python and/or Ansible for automation
ServiceNow (preferred for ticketing/change management)
Experience with Splunk logging and analytics
Familiarity with cloud environments (Azure preferred) and IAM concepts (RBAC, SaaS auth)
Experience integrating telemetry into:
SIEM platforms
Data lakes or automation pipelines
Exposure to:
WAF (Web Application Firewalls)
Policy certification and audit traceability
Background in regulated industries (banking, healthcare, government)
We believe in our vision and values just as strongly today as we did the first time we put them on paper more than 20 years ago. Staying true to them will guide us toward continued growth and success for decades to come. As you read more about our vision and values, you will learn about who we are, where we’re headed and how every Wells Fargo team member can help us get there.