Lead DLP Content Development Information Security Engineer

Position Overview

Wells Fargo is seeking a Lead DLP Content Development Information Security Engineer with deep expertise in Data Loss Prevention (DLP) policy authoring and content development. This role is responsible for designing, authoring, testing, and tuning DLP rules that protect sensitive data across email, endpoints, web, and SaaS/collaboration channels. The ideal candidate translates business and regulatory requirements into precise detection logic, continuously improves signal quality, and produces clear technical documentation and stakeholder communications. This role sits at the intersection of engineering, risk, and operations, partnering closely with Information Protection, Incident Response, Legal, Risk, and platform teams to implement effective, scalable DLP controls.

Key Responsibilities

• Author, maintain, and optimize DLP rules and policies using techniques such as regular expressions, keyword/dictionary‐based detection, Exact Data Match (EDM)/Indexed Data Match (IDM), document fingerprinting, machine-learning classifiers, and classification labels.
• Translate business requirements, regulatory obligations, and risk scenarios into detection logic, comprehensive test cases, and promotion criteria.
• Conduct technical investigations of security events and incidents, including post-incident analysis and digital forensics to identify root causes and recommend long-term mitigation strategies.
• Continuously tune DLP policies to reduce false positives and negatives using telemetry, triage feedback, and controlled experimentation while measuring efficacy.
• Manage DLP policy-as-code artifacts through version control, peer review, and change management processes, ensuring traceability from requirements to implementation.
• Develop and maintain operational runbooks, exception and release-code workflows, user-facing guidance, FAQs, and release notes for policy updates and changes.
• Partner with DLP operations and Incident Response teams to triage alerts, analyze trends, drive corrective actions with data owners, and application teams.
• Define, track, and report key performance and risk indicators (KPIs/KRIs) including alert volumes, false-positive rates, channel coverage, and policy maturity.
• Support audits and regulatory exams by preparing evidence, maintaining documentation, and supporting periodic reviews.
• Align DLP rules and enforcement with Wells Fargo's information classification and labeling program.
• Serve as a subject matter expert for SaaS and application security reviews, AppMail/data-egress use cases, and secure data-sharing controls.
• Collaborate cross-functionally with Information Protection, Risk, Legal, Messaging & Collaboration, Endpoint, and Cloud teams to deploy and evolve controls.
• Mentor peers and contribute to standards, reusable patterns, and best practices for DLP engineering and security content development.

Required Qualifications

• 5+ years of Engineering experience, or equivalent demonstrated through work experience, training, military service, or education
• 5+ years of experience in information protection, DLP engineering, or security content development
• Hands-on experience authoring and managing policies on one or more enterprise DLP platforms such as Microsoft Purview, Broadcom (Symantec) DLP, Forcepoint, Proofpoint, Zscaler or equivalent technologies
• Strong expertise in regex and pattern-matching techniques with working knowledge of EDM/IDM, sensitive data types (PII, PHI, PCI), and data classification and labeling
• Familiarity with modern collaboration and productivity platforms including Microsoft 365 (Exchange, SharePoint, OneDrive, Teams) and/or Google Workspace
• Scripting and query proficiency (PowerShell, SQL, and/or Python) with experience in Git-based version control and CI/CD workflows
• Excellent written communication and documentation skills for both technical and non-technical audiences

Preferred Qualifications

• Experience in financial services or other highly regulated industries with familiarity with NIST 800-53/800-171, ISO/IEC 27001, and data privacy/protection requirements
• Knowledge of endpoint DLP, CASB/SSE, secure web gateways, email security, OCR, and document fingerprinting technologies
• Background in exception governance and release-code processes balancing risk exposure, business needs, and user experience
• Relevant certifications such as SC400 or SC100, CISSP, CCSP, and GIAC

Benefits & Perks

• Salary: $119,000.00 - $224,000.00
• Benefits: Health benefits, 401(k) Plan, Paid time off, Disability benefits, Life insurance, critical illness insurance, accident insurance, Parental leave, Critical caregiving leave, Discounts and savings, Commuter benefits, Tuition reimbursement, Scholarships for dependent children, Adoption reimbursement
• Schedule: Hybrid work schedule
• Location: 1525 WT Harris Blvd, Charlotte, NC; 300 South Brevard, Charlotte, NC; 2600 S Price Rd, Chandler, AZ; 194 Wood Ave S, Iselin, NJ; 550 4th St, Minneapolis, MN; 333 Market St, San Francisco, CA; 1302 El Camino Menlo Park, CA
• Ability to travel up to 10% and work in a fast-paced environment while balancing multiple priorities