Thread regarding Wells Fargo & Co. layoffs

Application Security

Every person they have hired recently or promoted is technically backward with poor work ethic, and is a friend of the hiring manager. This has increased in the past year or so. They fail audits, don’t listen to knowledgeable employees and have managers who are either ill educated or ill informed. They are a risk to the company,

The company should be careful, and so should anyone looking for jobs in this organization.

by
| 841 views | | 8 replies (last November 19, 2024) | Reply
Post ID: @OP+1vvM9jyL

8 replies (most recent on top)

Given who hired who in the upper levels, clearly DEI hire. And these guys are following thru.
This should stop, and all in this whole area be replaced.

Last year, a very good manager got laid off because DEI team members ganged up on this person. They even lied - told the manager to resign, when actually it was a firing. One can question the legality of this act.

by
| | Reply
Post ID: @4zlu+1vvM9jyL

It's called a DEI hire and yes they are sub-standard.

a company will die with DEI.

by
| | Reply
Post ID: @4qaf+1vvM9jyL

Former AppSec from WF here FFIEC/ProdPT/DAST let me tell you all, these are “check the box” groups who point and click scan being paid 150k a year to do basically nothing. 99% of the individuals within those groups don’t even understand applications basics such as client or server side logic.

FWIW I tried to make a difference by helping correct their sh---y understandings of tech and was told since it didn’t fit into the EASP program it was an opinion.

by
| | Reply
Post ID: @3qnk+1vvM9jyL

And yes ,,,,,..when told that Jira isn’t working….they don’t get it …purposely…so they don’t improve the process…and remain status quo……..its too much for them!

The whole group and their Managers ought to be replaced……they are a business risk …a huge business risk.

by
| | Reply
Post ID: @3wzh+1vvM9jyL

All worsened significantly after the new Head was hired last year, soon after which his quality was obvious. As I see it even now, and as others have added to the chain, the ASC community is a gang of know it alls, who know very little, and place businesses in jeopardy. Almost all are still remote, spend only about 4 hours a day at work, and take three times the time in completing their work.
I have heard more than one ASC justify being off line, because they are “working”. Now, how crazy is that?

It is a terrible environment run by incompetents.

by
| | Reply
Post ID: @3oat+1vvM9jyL

Oh, it's God-aweful. Want to save a bunch of money - throw these waste of space ASC's to the curb. We can literally write down any finding because they are too stupid to even know the difference between different libraries. They send us hundreds of false positives - C# vulns in a Java app - good job guys. Luckily they only hire aged out vets that have written a line of code.

by
| | Reply
Post ID: @1zlk+1vvM9jyL

The are truly awful and unqualified. I won't go into details, but there are tax credits involved.

We had on Revolutionary War re-enactor with rage issues and 0 AppSec experience. Then we had (and I feel bad) a special hire that was trying his hardest, but woefully under-qualified and not able to communicate basic concepts. Finally we have a used car sales man pushing "shift left" technology calling meetings very early and very late, responding to Jira tickets in the middle of the night. Very obviously working 2 jobs. He can't tell the difference between Visual Studio and VS Code.

They all have one thing in common - they hide behind process and Jira tickets. I have never been anywhere with so many false positives.

Wells Fargo's AppSec Process is a Joke!!!

by
| | Reply
Post ID: @1tow+1vvM9jyL

The past ten years.

by
| | Reply
Post ID: @nfh+1vvM9jyL

Post a reply

: