U.S. Bank Sr. Information Security Engineer Vulnerability and Baseline Scanning - TELECOMMUTE in St. Paul, Minnesota
At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
Job DescriptionJob Description The Senior Security Engineer will be primarily responsible for implementing and supporting Vulnerability and Baseline Scanning solutions and technologies to help identify the organization’s technical vulnerabilities and baseline compliance. In addition, they will support the overall Vulnerability and Baseline Scanning service for the enterprise.
Main Function The Senior Security Engineer is a critical role within the Information Security Technology Operations team, focused on solutions that identify the organization’s technical vulnerability and baseline compliance. As part of an established team, this candidate will need to assist in deploying, maintaining, and sustaining the Vulnerability and Baseline Scanning technology and processes for US Bank and its subsidiaries, as well as supporting regulatory requirements. In addition, this candidate will need to interface and communicate with various security and non-security groups within the bank, in support of this effort. This candidate will also manage and participate in small- and medium-scale projects, including (but not limited to) scheduled environment technology refreshes, ad-hoc system upgrades, and scanning service maturity/continuous improvement initiatives.
Main Duties • Serve as a Level 3 Engineer for the Vulnerability and Baseline Scanning technologies, including participation in a team on-call rotation. • Implement tasks/projects critical to the organization’s vulnerability and baseline scanning technologies. • Participate as SME in the team that supports Vulnerability and Baseline Scanning. • Create procedures for support of technologies and services. • Research and document security best practices to proactively identify security gaps including vendor review, technology evaluations, demos, and proof of concept trials. • Identify, isolate, and document solution defects and work with the owner/vendor to bring issues to resolution. • Create and regularly evaluate process, quality control, and configuration management documentation. • Partner with other teams to ensure the successful deployment of security tools (e.g.: Vulnerability and Compliance Management, Business lines, Network Operations, IAM, etc.). • Develop and validate disaster recovery plans and exercises.
Basic Qualifications - Bachelor's degree in Engineering or Science, or equivalent work experience - Five or more years of experience in information security - Two or more years of experience in IT infrastructure management, application architecture, risk management, middleware technology, and IT project management
Additional Required Skills • 5+ years of proven success in a similar security or engineering role. • 2+ years experience with security scanning technologies and processes, with ideal being Vulnerability and Baseline Scanning. • 5+ years experience with ITIL technology and service management processes, including incident, problem, and change management. • Familiarity with common enterprise-level cloud environments (AWS, GCP, and Azure). • Familiarity with tiered defense-in-depth security design. • 5+ years administrative experience with Windows and/or Linux/Unix Servers. • 5+ years experience creating reports and dashboards using Microsoft tools for metrics/KPIs for a variety of different audience types. • Excellent organizational, time management, communication (written and spoken), and interpersonal skills. • Strong attention to detail and process.
Preferred Skills • CISSP, GIAC, CISA, or other appropriate certifications is a plus • 2+ years cloud experience (any cloud platform AWS/GCP/Azure) have done API or more in depth application usage • 2+ years experience managing Small- to Medium- Projects. • 1+ years experience with and/or understanding and ability to produce reports for Security and IT metrics a plus • Familiarity with process automation and/or scripting (i.e. bash, POSIX shell, VBA, Regular Expressions, Python, Perl, Powershell, etc.). • 1+ years experience with audit-related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
Benefits: Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.
Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting usbank.com/careers.
EEO is the Law Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal EEO is the Law poster.
E-Verify U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.
Salary range reflected is an estimate of base pay and is for the primary location. Base pay range may vary if an offer is made for work in a different location. Pay Range: $92,735.00 - $109,100.00 - $120,010.00
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.