U.S. Bank Senior Threat Detection Engineer - Cincinnati, OH or Richfield, MN in Richfield, Minnesota
At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
Job Description
U.S. Bank’s Security Operations team is responsible for providing threat intelligence, event monitoring, incident response, detection engineering and threat hunting for all business areas of U.S. Bank in a highly collaborative, fast-paced environment. As a member of the Threat Detection Team, a candidate can be expected to utilize his/her technical expertise to create detection logic to identify prioritized threats using logs and security telemetry. The ideal candidate can dissect an adversary TTP and identify the logs and technologies required to identify that behavior in the U.S. Bank environment. In addition, this candidate will focus on supporting, automating, and enhancing the threat detection engineering lifecycle to advance the in-house detection and response capabilities.

Qualifications/Requirements:
• Bachelor’s degree in an IT-related field and/or equivalent work experience (preferably computer engineering or computer science)
• Minimum 5 years working in cyber defense with experience in incident response, incident handling, Security Operations Center (SOC), threat detection engineering, threat intelligence, threat hunting, or similar functions
• Experience crafting logic that detects anomalous behavior in user, network, host, or cloud activity in a high-fidelity manner
• Advanced knowledge of network, systems, cloud, container, and web application attacks and mitigations
• Experience applying detection and response concepts to on-premises and cloud environments (AWS, Azure, GCP)
• Hands-on technical expertise in building scripts, tools, or methodologies that enhance threat detection and incident response capabilities (preferably SPL, SQL, and Python)
• Ability to identify threats and adversaries by applying logic to logs and security telemetry
• Knowledge of industry-recognized security and analysis frameworks (MITRE ATT&CK, Kill Chain, NIST Incident Response, CIS, etc.)
• Prior offensive security experience, i.e. Red Team, Pen Testing
• Strong communication and documentation skills with experience briefing executives and senior leadership
• Understanding of offensive security principles, i.e. Threat Informed Defense methodology aligned to the MITRE ATT&CK framework
• Understanding of Security Optimization, Breach & Attack Simulation, and Continuous Monitoring technologies
• Must be self-motivated and able to work both independently and as part of a team
• Willingness to provide support during nontraditional working hours or work in an on-call fashion

Basic Qualifications
- Bachelor's degree in Engineering or Science, or equivalent work experience
- Eight or more years of experience in information security
- Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

Preferred Skills/Experience
• Ability to prioritize work based on risks and business needs
• Experience developing software automation solutions
• Experience in data engineering
• UNIX systems experience and a solid foundation in operating system fundamentals
• Previous experience providing incident response/offensive security/SOC support for Fortune 1000 companies
• Previous experience working with SIEM and automation tools
• Previous experience working with network tools and technologies such as firewalls (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
• Previous experience architecting sandbox environments
• Experience with agile methodologies, separation of duties and change control
• Relevant certifications preferred but not required (CISSP, OSCP, GCIA, GCIH, GCFA, GNFA, etc.)
Benefits: Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.
Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting usbank.com/careers.
EEO is the Law
Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal EEO is the Law poster.

E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services.