U.S. Bank Senior Threat Management Engineer in Dover, Delaware
U.S. Bank is seeking an experienced Senior Threat Management Engineer with demonstrated competence and thought leadership capability to contribute toward the success of our technology initiatives. The duties of the Senior Threat Management Engineer include understanding the current threat landscape and managing detection and protection measures across all security controls. This position will require extensive knowledge of the security space as it relates to technology, social, and cyber threats. The candidate must be able to review and track detected incidents, identify new exploits and/or threats, and develop mitigation strategies. The candidate needs to be able to identify the necessary actions required to investigate and contain threats. The candidate must have a proactive computer network defense mindset, which they use to develop comprehensive remediation strategies and provide technical guidance. This is a high-visibility, high-stress position. The candidate will work to continuously improve our ability to detect, prevent, and mitigate security events. Actions taken by this individual impact the security and functionality of enterprise IT for the entire bank.
• Develop and contribute to threat management framework, requirements and strategy.
• Develop and maintain standard operating procedure (SOP) documentation.
• Analyze threats and vulnerabilities to determine their impact on U.S. Bank's operations.
• Establish and maintain cohesive working relationships with team members, management, key strategic business partners, and vendors.
• Understand the threat actor’s Tactics, Techniques and Procedures.
• Assist in post-mortem evaluations on cyber security incidents. Proactively researches emerging cyber threats. Applies expert understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.
• Acquires and applies expert knowledge of the business, its products and processes
• Directs analyses and root cause identification; develops and recommends business solutions impacting the enterprise.
• Candidates must be well versed in common network scanning tools that support network discovery, compliance reporting, and vulnerability assessment.
• Bachelor's degree in Engineering or Science, or equivalent work experience
• Eight or more years of experience in information security
• Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
Required Skills / Experience
• Must possess strong analytical & evaluative thinking
• Knowledge of the MITRE PRE-ATT&CK and ATT&CK frameworks.
• Bachelor's degree and minimum 8 years of IT experience and at least 5 years of experience in information security
• Demonstrated experience in developing rules to alert, prevent, and mitigate threats using network and endpoint technologies
• Experience in user-behavior tools and applications.
• Thorough understanding of the cyber kill chain
• Awareness of the latest cyber-intelligence collection trends and developments
• Experience developing threat briefings for consumption by senior management
• Experience with forensic tools and operating system internals.
• Ability to extract host and network-based IOCs to provide requirements for detection and prevention
• Ability to work nontraditional working hours when necessary
• Understanding of network protocols and services
• Strong written and verbal skills with the ability to present complex concepts at high level
• Programming and scripting experience, including Python and PowerShell.
Job: Information Technology
Primary Location: Minnesota-MN-Richfield
Shift: 1st - Daytime
Average Hours Per Week: 40
Requisition ID: 180028733
Other Locations: United States, Ohio-OH-Cincinnati
U.S. Bank is an Equal Opportunity Employer committed to creating a diverse workforce.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled