Microsegmentation Engineer

Wells Fargo & Co

Irving, TX

POSTED
30+ days ago

Title: Microsegmentation Engineer

Location: 401 W Las Colinas Blvd Irving, TX

Alternate Locations: Charlotte, NC or Chandler, AZ

Duration: 18 months

Work Engagement: W2

Work Schedule: 3 days in office/2 days remote

Benefits on offer for this contract position: Health Insurance, Life insurance, 401K and Voluntary Benefits

Summary:

We are seeking a Zero Trust / Micro-Segmentation Engineer to advance our enterprise segmentation strategy across hybrid environments. This role is responsible for delivering secure, scalable, and auditable traffic visibility and enforcement, ensuring strong protection against lateral movement while maintaining operational stability.

You will play a key role in driving Zero Trust adoption, managing segmentation platforms (e.g., Illumio or similar), and partnering across engineering, security, and operations teams to enable safe policy enforcement at enterprise scale.

Responsibilities:

Platform Operations & Engineering

  • Operate and mature a micro-segmentation platform (Illumio or equivalent SaaS-based solution)

  • Manage agent lifecycle (e.g., VEN or equivalent) across:

      • Windows

      • Linux

      • Future platforms (e.g., AIX)

  • Support onboarding, migrations, and large-scale deployment efforts

Segmentation Design & Enforcement

  • Design and implement least-privilege segmentation policies

  • Transition safely from visibility mode to enforcement

  • Prevent east-west (lateral) movement within environments while complementing north-south controls (firewalls/WAF)

  • Apply workload labeling and policy modeling best practices

Traffic & Telemetry Analysis

  • Analyze traffic flow telemetry to validate policy accuracy and system health

  • Use SIEM tools (e.g., Splunk preferred) for:

      • Baseline analysis

      • Time-based investigations

      • Distribution and anomaly detection

  • Troubleshoot telemetry ingestion pipelines and identify gaps or delays

Incident Response & Vendor Management

  • Lead incident response and escalation with segmentation platform vendors

  • Partner with vendor engineering teams during:

      • Platform outages

      • Capacity/scaling events

      • Data integrity concerns

Cross-Functional Collaboration

  • Work with Network Engineering, NOC/NMC, Security, and Application teams

  • Coordinate change management and production deployments

  • Communicate risks, impacts, and recommendations clearly across technical and business stakeholders

Governance & Standards

  • Develop and maintain segmentation standards, baselines, and governance controls

  • Ensure policies align with audit, compliance, and risk requirements

  • Support certification of controls for critical systems (e.g., payment or regulated applications)

Qualifications:

  • Applicants must be authorized to work for ANY employer in the U.S. This position is not eligible for visa sponsorship.

Micro-Segmentation & Zero Trust

  • Hands-on experience with workload-level segmentation and lateral movement prevention

  • Proven ability to deploy and enforce policies safely in production environments

Platform Experience

  • Experience with Illumio or equivalent segmentation platforms

  • Understanding of:

      • Agents (e.g., VEN)

      • SaaS policy engines

      • Enforcement modes and migration strategies

  • Comfortable engaging directly with vendor support/engineering teams

Traffic Analysis & SIEM

  • Strong experience using SIEM tools (Splunk preferred)

  • Deep understanding of telemetry pipelines and event ingestion

  • Ability to distinguish between policy issues vs. platform constraints

Infrastructure & Systems

  • Strong fundamentals in:

      • Linux and Windows server environments

      • Network flows and application dependencies

  • Understanding of:

      • East/West vs. North/South traffic patterns

Operational Maturity

  • Experience with incident response and change management

  • Ability to pause or delay enforcement when validation data is insufficient

Communication Skills

  • Ability to translate technical concepts into business and executive-level insights

  • Strong collaboration and influencing skills across teams and vendors

Technical Foundations

  • ~3+ years of experience in:

      • Network engineering / firewall engineering / security engineering

  • Exposure to:

      • Python and/or Ansible for automation

      • ServiceNow (preferred for ticketing/change management)

  • Experience with Splunk logging and analytics

  • Familiarity with cloud environments (Azure preferred) and IAM concepts (RBAC, SaaS auth)

  • Experience integrating telemetry into:

      • SIEM platforms

      • Data lakes or automation pipelines

  • Exposure to:

      • WAF (Web Application Firewalls)

      • Policy certification and audit traceability

  • Background in regulated industries (banking, healthcare, government)

About the Company

Wells Fargo & Co

We believe in our vision and values just as strongly today as we did the first time we put them on paper more than 20 years ago. Staying true to them will guide us toward continued growth and success for decades to come. As you read more about our vision and values, you will learn about who we are, where we’re headed and how every Wells Fargo team member can help us get there.

COMPANY SIZE
10,000 employees or more
INDUSTRY
Financial Services
FOUNDED
1852