U.S. Bank Principal Security Engineer - Remote in Las Vegas, Nevada
U.S. Bank is seeking a Principal Security Engineer with demonstrated competence and visionary leadership experience to contribute toward the success of our technology initiatives. Provides technical expertise in development and support of all activities, processes, and tools for protecting technology-based information. Leads enterprise-wide definition, establishment, and maintenance of data, security-related infrastructure, applications, and processes. Provides technical support to clients, management, security administrators, and network operations. Reviews, develops, tests, and implements security plans, products, and control techniques. Reviews circumstances surrounding data security incidents and designs corrective actions. Documents security policies and procedures. Provides implementation support for risk assessment and data security procedures and products. Evaluates new and proposed security systems and technologies.
The Principal Security Engineer is focused on the support of the incident response and investigations team for the US Bank information security program. The primary duties will include information security incident response handling and involve responding to cyber security threats. Additional duties include investigations, forensics and eDiscovery as well as close collaboration with the security operations center, architecture, operations, and other business lines.
Maintain records of all investigation and threat intelligence activities and file them in the associated case records. Use technical expertise to evaluate incident response procedures to ensure that procedures and tools are optimized.
Review and track detected incidents to identify new exploits, threats, mitigation strategy and enforce incident reporting standards. Must understand exploits and be able to brief senior leadership on the impact to US Bank environment as well as the method of compromise and mitigation.
Lead in depth technical analysis of new and emerging information security threats and provide training on the analysis to the existing team.
Develop, measure, and report on metrics in intelligence gathering, emerging risk mitigation, and malware analysis.
Analyze threats and vulnerabilities to determine their impact to US Bank's operations.
Assist with Investigations and eDiscovery efforts involving court-proven forensic processes and technologies.
Establish and maintain cohesive working relations with team members, management, key strategic business partners and vendors.
Successful applicants will exemplify US Bank's ethical principles of uncompromising integrity, respect for others, accountability for decisions and actions, and good citizenship.
Leaders at U.S. Bank consistently demonstrate integrity and ethics, maturity and resilience, and inspire trust and confidence among their teams. Our leaders are strong communicators who promote collaborative relationships, influence others, and value the diversity of backgrounds and ideas among their employees.
Bachelor's degree in Engineering or Science, or equivalent work experience
Eight or more year of experience in information security
Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
Relevant professional certifications or licenses such as CISSP, CHFI, CEH preferred
Minimum 2 years of recent forensic technology experience with EnCase or Tanium
2 years as a software or web developer a plus.
2 years of relevant experience working in the information security required.
2 years experience with information security incident response/handling required.
1 years experience with Cloud Security architecture and response
1 years experience with fraud investigation and analysis a plus.
1 years advanced knowledge of network protocols, Windows and UNIX operating systems, and security exploits/tools a plus
1 years of knowledge and experience analyzing Trojans, keyloggers, worms, viruses, rootkits, and hacker methodologies a plus.
Knowledge of cyber threat groups, hacking tools and techniques such as SQL Injection.
Ability to research and deliver Threat Intelligence that may impact US Bank or customers.
Moderate knowledge of common operating systems and file systems for Windows and Unix as well as the integration of forensic tools and business application platforms with an understanding of enterprise architecture.
Moderate understanding on network protocols and network devices such routers, switches, proxy servers, VPN and intrusion detection systems.
Experience in log analysis involving logs from network devices (i.e. Firewalls), servers (i.e. web servers) and clients.
Understanding of security logging, monitoring and event management tools.
Moderate experience in Data Mining and Reporting.
Advanced Proficiency in Windows Office Suite (Word, Excel, PowerPoint, Visio, SharePoint).
Proficient in developing and presenting, both verbally and in writing, highly technical communications to technical and non-technical audiences at all levels of the organization.
Large (Fortune 500) enterprise experience.
Experience with the following tools: Threat Intelligence Platforms, Security Automation Orchestration, Capture the Flag events, and Red Team Activities
Extensive experience in:
-Product and vendor evaluation
-IT standards, procedures, policy
Subject matter expert in:
-Information security technologies
-Information security management
-Information security architecture
-Information security audits
-Information security administration
-Network and internet security
Job: Information Technology
Primary Location: Minnesota-MN-Richfield
Shift: 1st - Daytime
Average Hours Per Week: 40
Requisition ID: 190027306
Other Locations: United States
U.S. Bank is an Equal Opportunity Employer committed to creating a diverse workforce.
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.