Job Information

U.S. Bank Sr. Insider Threat Security Analyst in Cincinnati, Ohio

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

Job Description

Supports and analyzes threat detection for the Information Security Insider Threat program. Works with and mentors a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. Utilizes understanding of Insider Threat principles to identify trends and patterns which can assist the Data Science team in the development of new detection rules and models. Follows insider threat hunting methodology to validate hypotheses. Assists in the development, coaching, and mentorship of a team of insider threat analysts.

The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations:

  • Cincinnati, OH

  • Minneapolis, MN

  • Charlotte, NC

Preferred Skills/Experience

  • Typically a Bachelor's degree, or equivalent work experience

  • Typically seven or more years of relevant experience

  • Comprehensive understanding of data loss prevention and insider threat prevention concepts

  • Advanced understanding of cloud environments and relational databases

Job Description:

U.S. Bank is seeking a Sr. Insider Threat Analyst to support analysis and threat detection for the Information Security Insider Threat (ISIT) program. The candidate will have a comprehensive understanding of data loss prevention and insider threat prevention concepts, technical expertise, and analytical capabilities to detect patterns and anomalies across data sets of technical and non-technical indicators. The ideal candidate will be excited to bring their years of Insider Threat and Security Hunting experience to the team to help mature fellow analysts and drive the program forward; all while remaining open to constructive criticism and coaching from others.

Responsibilities:

  • Work with and help to mentor and mature a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology.

  • Utilize your understanding of Insider Threat principles to identify trends and patterns which can assist the Data Science team in the development of new detection rules and models.

  • Articulate the implications of the risks relative to insider threats and educate junior team members, team leadership, and other relevant stakeholders on the potential impact of these risks.

  • Query databases, including filtering, joins, unions, and aggregate functions.

  • Conduct log file analysis to recognize and report activity of concern.

  • Review data and behaviors to identify problems from multiple angles, gather information, and understand and articulate information gaps needed to produce best results.

  • Work independently and with teams to define and complete analysis activities (both new and repeatable)

  • Document findings in a manner that technical and non-technical stakeholders can consume while being prepared to explain the details of your analytic work to team leadership and customers.

  • Perform initial analysis on data from systems to identify unexpected or malicious activity across channels while keeping the bigger picture in mind of how this activity fits into the overall threat landscape.

  • Assist in building processes, procedures, and training for the Insider Threat program

  • Maintain knowledge and educate other analyst team members in current technologies, developments, security compliance requirements, standards, and industry trends to help achieve the department's goals.

  • Assist in the coaching, development, and mentorship of a growing team of insider threat analysts for continuous improvement in current roles and for potential future career growth.

  • Ability to follow insider threat hunting methodology to validate hypotheses.

  • Collaborate with the Data Science and Insider Threat Hunt teams to provide suggestions and feedback for validation and improvement of various tools, models, and processes.

Basic Qualifications:

  • Bachelor's degree or equivalent work experience

  • At least 7+ years of experience with processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering, and protecting organizational data.

Experience Should Include:

  • 5+ years experience supporting an enterprise-wide Insider Threat program, including at least 2+ years in a leadership or training role.

  • 2+ years experience in Security or Insider Threat hunting

  • Comprehensive understanding of data loss prevention and insider threat prevention concepts

  • Technical expertise, and analytical capabilities to detect patterns and anomalies across data sets of technical and non-technical indicators

  • Advanced knowledge of query writing with SQL or SPL.

  • Experience analyzing security events and activities with a variety of data analysis and visualization tools (such as: Splunk, NetWitness, Proofpoint, Risk 360)

  • Experience with NIST 800 series, NIST CSF, and ISO 27000 series frameworks

  • Advanced understanding of cloud environments (AWS, Azure, and GCP)

  • Advanced understanding of relational databases and big data databases

  • Expert-level ability to analyze log activity on network devices, servers (i.e. web servers) and clients

  • Professional communication skills, both oral and written.

  • Demonstrated critical thinking and problem-solving skills.

Preferred Skills:

  • Insider Threat-specific training/certifications such as Certified Counter-Insider Threat Professional-Fundamentals (CCITP-F), Certified Counter-Insider Threat Professional-Analysis (CCITP-A), the NITTF Hub Operations Course, or CERT Insider Threat course work and certifications.

  • Industry certifications in information security, project management, and technology auditing including, CISSP, CISM, CGEIT, CISA, GIAC GSEC, and/or PMP

  • Ability and willingness to mentor, coach, and train other analysts on the team while remaining open to constructive criticism and coaching from others

  • Desire and motivation to contribute and help to push the team forward in all areas – the ideal candidate will not have a “that’s not my job” mentality

  • Comfort collaborating regularly within team in addition to independent collaboration with relevant stakeholders outside of the team

  • Analytic mindset – the perfect candidate should enjoy the process of conducting deep-dive analysis on difficult problem sets and be comfortable forming assessments and conclusions without a prescribed step-by-step procedure for every situation.

  • Experience participating in or leading Agile-based product teams.

If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants (https://careers.usbank.com/global/en/disability-accommodations-for-applicants).

Benefits:

Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):

  • Healthcare (medical, dental, vision)

  • Basic term and optional term life insurance

  • Short-term and long-term disability

  • Pregnancy disability and parental leave

  • 401(k) and employer-funded retirement plan

  • Paid vacation (from two to five weeks depending on salary grade and tenure)

  • Up to 11 paid holiday opportunities

  • Adoption assistance

  • Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

EEO is the Law

U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS (https://eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) EEO poster.

E-Verify

U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program (https://careers.usbank.com/verification-of-eligibility-for-employment).

The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, U.S. Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase, 401(k) contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $108,375.00 - $127,500.00 - $140,250.00

Job postings typically remain open for approximately 20 days from the posting date listed above; however, the job posting may be closed earlier should it be determined the position is no longer required due to business need. Job postings in areas with a high volume of applicants, such as customer service, contact center, and Financial Crimes investigations, remain open for approximately 5 days from the posting date listed.
