Information Security Engineering Senior Manager

About this role:
Wells Fargo is seeking an Information Security Senior Manager in Cybersecurity as part of Identity Access Management. Learn more about career areas and business divisions at wellsfargojobs.com
This senior identity leader will be responsible for the secure design, operation, and evolution of large-scale Active Directory, Microsoft Entra, and Linux authentication platforms.
This role is both a people leader and a hands-on technical authority, managing a team of senior engineers and architects while owning the security architecture, resiliency, and operational integrity of the firm's most critical identity infrastructure.
The role works in very close partnership with the Head of IAM Architecture, Head of IAM Engineering, and IAM Product Development and Support teams to ensure directory and authentication platforms are architected correctly, engineered securely, and operated reliably at enterprise scale.
In this role, you will:
Leadership & Team Management

• Lead and manage a team of directory services and authentication engineers and architects responsible for day-to-day platform design, implementation, and support.
• Set technical direction, architectural standards, and execution priorities for the team in alignment with enterprise IAM strategy.
• Ensure strong engineering discipline, documentation standards, and design review rigor across all directory and authentication initiatives.
• Act as an escalation point for complex architectural, security, and availability issues affecting identity platforms.
• Develop and mentor senior technical talent, building depth and succession within the directory and authentication domain.

Enterprise Active Directory Security Architecture

• Serve as the accountable design authority and platform owner for very large, security-sensitive Active Directory environments.
• Define and govern forest and domain architecture, including trust models, isolation strategies, and blast-radius containment.
• Own OU design, delegation models, administrative separation, and naming conventions.
• Establish and enforce Group Policy architecture and security baselines.
• Lead Active Directory security hardening, including privileged tiering, administrative isolation, and reduction of legacy exposure.
• Architect protections against credential theft, lateral movement, and domain compromise, ensuring alignment with modern threat models and regulatory expectations.

Microsoft Entra Architecture

• Own architecture for hybrid and cloud-native identity, including integration between Active Directory and Microsoft Entra.
• Define synchronization, attribute governance, and source-of-authority models appropriate for enterprise scale.
• Ensure Entra architecture aligns with Zero Trust principles and enterprise access management standards.

Linux Authentication Platform Ownership

• Own the enterprise Linux authentication architecture and its integration with Active Directory and Microsoft Entra.
• Define secure, scalable patterns for centralized Linux authentication, authorization, and privilege enforcement.
• Ensure consistent authentication architecture across on-prem, private cloud, and public cloud Linux environments.
• Partner with infrastructure and platform teams to standardize Linux authentication and reduce platform-specific risk.

Resilience, Replication & Disaster Recovery

• Architect and own high availability and disaster recovery strategies for directory and authentication platforms.
• Define replication topology, site design, and failover patterns to meet enterprise RTO and RPO requirements.
• Ensure identity service continuity during cyber events, outages, and major infrastructure incidents.
• Participate in and lead resilience testing and recovery exercises related to identity infrastructure.

Platform Integration & Cross-Team Collaboration

• Work very closely with the Head of IAM Architecture to ensure directory and authentication platforms align with enterprise identity standards and target-state architecture.
• Partner with the Head of IAM Engineering to ensure architectural intent is translated into secure, reliable engineering implementation.
• Collaborate with IAM Product Development and Support teams to ensure authentication platforms meet product requirements, scale reliably, and are supportable in production.
• Define and govern integration patterns between Active Directory, Microsoft Entra, Linux authentication platforms, and downstream identity providers.
• Serve as the final architectural approver for changes impacting directory and authentication platforms.

Required Qualifications:

• 6+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of management or leadership experience
• 6+ years of experience designing, operating, and securing enterprise- level Active Directory environments

Desired Qualifications:

• Demonstrated experience owning Active Directory security architecture in a highly regulated enterprise.
• Proven people management experience leading senior engineering and platform teams.
• Deep hands-on expertise with Microsoft Entra and hybrid identity architectures.
• Strong experience designing high availability, replication, and disaster recovery for identity platforms.
• Experience operating under regulatory, audit, and cyber-resiliency scrutiny.
• Experience implementing privileged access isolation and admin forest models.
• Experience supporting Zero Trust identity architectures.
• Background in financial services or similarly regulated industries.
• Experience leading large-scale identity or infrastructure modernization initiatives.

Locations:

• 401 Las Colinas Blvd W Bldg. A - Irving, TX 75039
• 194 S Wood Ave - Iselin, NJ 08830

Posting Statements:

• Job posting may come down early due to volume of applicants.
• Required location(s) listed above. Relocation assistance is not available for this position
• Salary range is determined by location of the job. May be considered for a discretionary bonus, Restricted Share Rights, or other long - term incentive awards.
• This position is not eligible for visa sponsorship