U.S. Bank Cyber Defense Data Protection Operations Engineer - Telecommute in St. Paul, Minnesota
At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
Job DescriptionThe Principal Security Operations Engineer will be primarily responsible for implementing and supporting security solutions and technologies to help protect the organization’s data resources from unauthorized access, use, disclosure, destruction, modification, or disruption. Responsible for the delivery of applications and infrastructure that meet the highest standards, thus maintaining and enhancing customer trust. Analyzes system services, operating systems, networks and applications from a security perspective, discovering security issues that appear under new threat scenarios.
Main Function The Data Protection Operations Engineer is a critical role within the Information Security Technology Operations team, focused on solutions that identify and protect sensitive bank information from threats and misuse. The incumbent will focus on implementing and supporting sustainable tools and technologies pertinent to securing sensitive data in transit and at rest through the use of Cloud Access Security Broker (CASB), Native Cloud Data Protection tools, Vendor Data Leakage Protection (DLP), Database Monitoring, Tokenization, and Encryption technologies. The position will perform as a subject matter expert (SME) for data protection technologies, including capacity planning and improvement of solution health, performance, stability, and ongoing support. Additional responsibilities include creating diagrams, reports, procedure documentation, implementing organizational policies, upgrades, and ensuring implemented solutions meet the security requirements for supported projects and initiatives. Main Duties Serve as a Level 3 Engineer for the pertinent technologies. Perform management activities such as design, implementation, monitoring, capacity planning, scalability testing, fail-over testing, backup/recovery planning, disaster recovery and performance and security baselines. Implement tasks/projects critical to the organization’s data protection technologies. Deploy and support data protection monitoring and prevention tools with primary focus on our Cloud DLP solutions and Cloud Access Security Broker (CASB) tools. Participate as SME in the team that supports Data Leakage Protection (DLP), Database Monitoring, Tokenization, and Encryption). Develop and support detection rules for the Cloud DLP solutions and Cloud Access Security Broker (CASB) tools. Create procedures to support the analysis of events/incidents for remediation suggestions to relevant areas. Research and document security best practices to proactively identify security gaps including vendor review, technology evaluations, demos, and proof of concept trials. Identify, isolate, and document solution defects and work with the owner/vendor to bring issues to resolution. Create and regularly evaluate process, quality control, and configuration management documentation. Partner with other teams to ensure the successful deployment of security tools (e.g.: Business lines, Network Operations, Database Mgmt, Risk Mgmt, Audit/Compliance, other ISS teams, Mid-Range Server Teams, Mainframe Server Teams, etc.) Participate in an on-call rotation. Develop disaster recovery plans and exercises.
Basic Qualifications - Bachelor's degree in Engineering or Science, or equivalent work experience - Eight or more year of experience in information security - Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
Required Skills 6+ years of proven success in a similar security role. Extensive experience with AWS, GCP, and Azure Cloud Technologies Familiarity with common industry best practices (ITIL, SDLC, AGILE, COBIT). A strong understanding of tiered defense-in-depth security design. Detailed technical knowledge of security engineering and operations. Experience with database management or database activity monitoring solutions. Knowledge of database concepts such as SQL (DML/DQL/DCL) and clustering. Experience with DLP tools. Knowledge of tokenization and encryption. A strong understanding of Data Protection and Compliance best practices. Confident ability to recognize security events of interest that may require improved detection/alerting capabilities. Extensive experience with Windows and/or Linux/Unix Servers. Extensive experience in routing and switching technologies. Familiar with technologies in the security monitoring, event correlation and alert/detection space. Experience creating reports and dashboards for metrics/KPIs. Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices. Excellent organizational, time management and interpersonal skills. Strong attention to detail and process.
Preferred Skills CISSP, GIAC, CISA, or other appropriate certifications. Project management skills. Security and IT metrics experience a plus; report creation abilities strongly desired. Experience with process automation and/or scripting (i.e. XML, C++, VBA, Regular Expressions, Python, Pearl, Power Shell, etc.). Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
Benefits: Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.
Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting usbank.com/careers.
EEO is the Law Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal EEO is the Law poster.
E-Verify U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.