We are seeking a Lead Engineer to own and evolve the Checkmarx application security scanning platform at enterprise scale. This role blends Site Reliability Engineering (SRE), platform automation, and DevSecOps enablement, ensuring Checkmarx remains highly available, scalable, secure, and deeply integrated into CI/CD pipelines.
The Lead Engineer will act as the technical authority for Checkmarx, driving reliability, performance, automation, upgrades, and cloud/container modernization while partnering with Application Security, DevOps, and Engineering teams.
Key Responsibilities
Platform Ownership & Reliability (SRE)
- Own end-to-end reliability, availability, and performance of the Checkmarx SAST platform across non-prod, prod, and BCP environments
- Define and manage SLIs, SLOs, error budgets, and operational KPIs for scanning throughput, queue latency, and platform health
- Lead incident response, root cause analysis (RCA), and permanent remediation for platform outages or scan failures
- Proactively identify capacity, scaling, and performance bottlenecks (engines, managers, DB, storage, network)
Automation & Engineering Excellence
- Design and implement automation for provisioning, configuration, scaling, upgrades, and maintenance of Checkmarx components
- Build Infrastructure as Code (IaC) using tools such as Terraform, Ansible, or equivalent
- Automate routine operational tasks (engine lifecycle, scan queue tuning, data retention, index maintenance, backups)
- Reduce toil by converting manual operational work into resilient, self-healing automation
DevSecOps & CI/CD Integration
- Own and enhance Checkmarx integrations with CI/CD platforms (GitHub, Jenkins, Azure DevOps, Harness, etc.)
- Ensure seamless developer experience with pipeline-based security scanning and fast feedback loops
- Partner with Application Security teams to improve scan performance, false-positive reduction, and adoption
Observability & Monitoring
- Implement and maintain full-stack observability (metrics, logs, alerts, dashboards) using tools such as Splunk, Prometheus, Grafana, AppDynamics, etc.
- Build actionable alerts to detect scan backlog growth, engine saturation, DB/storage issues, and platform degradation
- Drive proactive monitoring rather than reactive firefighting
Modernization & Continuous Improvement
- Lead platform upgrades, hotfixes, and vendor-recommended lifecycle management
- Drive containerization and cloud-readiness initiatives for Checkmarx components where applicable
- Improve resiliency through active-active / DR strategies, backup validation, and BCP testing
- Evaluate new Checkmarx features, plugins, and security scanning enhancements
Technical Leadership
- Serve as SME and technical escalation point for Checkmarx across the enterprise
- Mentor engineers and promote SRE best practices, automation standards, and operational excellence
- Produce clear architecture, runbooks, and operational documentation
- Influence roadmap decisions with data-driven insights and engineering rigor
Required Qualifications
Core Technical Skills
- 5+ years of Systems Engineering, Technology Architecture experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
- 5+ years of experience in Platform Engineering, SRE, DevOps, or Systems Engineering roles
- Hands-on experience with Checkmarx (SAST) or similar AppSec scanning tools (e.g., Fortify, Veracode, SonarQube)
- Strong experience with Windows-based systems, networking, storage, and performance tuning
- Solid understanding of CI/CD pipelines and DevSecOps practices
- Proven experience applying SRE principles (SLIs, SLOs, error budgets, toil reduction)
- Strong automation skills using Python, Bash, PowerShell, or similar scripting languages
- Experience with Infrastructure as Code (Terraform, Ansible, CloudFormation, ARM, etc.)
- Expertise in monitoring, logging, and alerting platforms (Splunk, Prometheus, Grafana, AppDynamics, Elastic, etc.)
- Deep troubleshooting skills across application, OS, database, and infrastructure layers
Desired Qualifications
- Experience running security scanning platforms at enterprise scale (thousands of projects, high scan concurrency)
- Experience with container platforms (Kubernetes, OpenShift) and cloud environments (Azure, AWS, GCP)
- Knowledge of application security concepts (SAST, SDLC security, vulnerability management workflows)
- Experience with database platforms (MS SQL, PostgreSQL) and large-scale data growth management
- Prior experience leading platform modernization or large tool upgrades
What Success Looks Like
- Checkmarx platform is highly reliable, scalable, and predictable
- Scan queues are optimized with minimal developer friction
- Operational toil is significantly reduced through automation
- Incidents are rare, well-understood, and quickly remediated
- Engineering and Security teams trust and rely on the platform
Top Skills
What We Do
Wells Fargo & Company (NYSE: WFC) is a leading financial services company that has approximately $2.1 trillion in assets. We provide a diversified set of banking, investment and mortgage products and services, as well as consumer and commercial finance, through our four reportable operating segments: Consumer Banking and Lending, Commercial Banking, Corporate and Investment Banking, and Wealth & Investment Management. Wells Fargo ranked No. 33 on Fortune’s 2025 rankings of America’s largest corporations. Our technology professionals drive innovation, information security, and big data analytics while maintaining a network that handles more than 12 billion customer interactions a year. Join us! Are you looking for more? Find it here. At Wells Fargo, we're more than a financial services leader – we’re a global trailblazer committed to driving innovation, empowering communities, and helping our customers succeed. We believe that a meaningful career is much more than just a job – it’s about finding all of the elements to help you thrive, in one place. Living the Well Life means you’re supported in life, not just work. It means having robust benefits, competitive compensation, and programs designed to help you find work-life balance and well-being. You’ll be rewarded for investing in your community, celebrated for being your authentic self, and empowered to grow. And we’re recognized for it – Wells Fargo once again ranked in the top three – making us the #1 financial services employer – on the 2025 LinkedIn Top Companies list of best workplaces “to grow your career” in the U.S. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. © 2026 Wells Fargo Bank, N.A. All rights reserved. Member FDIC.
Why Work With Us
We're known for our “Well Life” approach to supporting employees’ career aspirations, work-life balance, and mental and physical health. We ranked in the top 3 on the 2025 LinkedIn Top Companies list – and #1 among financial services companies – as the best workplace “to grow your career” in the U.S.
Gallery
Wells Fargo Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
