Senior Information Security Engineer

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One. Job Description U.S. Bank is seeking a Principal Cloud Information Security Engineer with demonstrated competence and visionary contributions related to cloud technology initiatives. This role will have a direct and constant impact on the planning, design and engineering maintenance of cloud application security efforts that enable the enterprise information security program. Well-developed cloud technical abilities and a strong familiarity and continued growing experience in cutting-edge cloud security practices are essential. Responsible for engineering and delivering tangible gains for domains such as API protection, container security, application security and microservices protection that enable our product teams. Working as part of a dynamic agile team, collaborates with security engineering teams overseeing Application Security, Container and Microservices security, and API Security vulnerability management products. This role will be an individual contributor for teams supporting cloud professionals responsible for the most complex and technologically driven digital transformation products with the largest market demand; deemed as vital to the organization. Operates at a highly independent level, consulting with and advising management on the potential implications of various actions. Contributes to the development of short- and long-term goals to meet product objectives and the implementation of appropriate long term strategic plans. Requires an expert knowledge of the technical security engineering skills in cloud environments. Responsibilities: Contributes and participates in day-to-day engineering operations and effectiveness of cloud container and application security-related programs and initiatives with a hyper focus on Azure and AWS footprints. Follows guidance and direction for securing the Bank's custom code, containers, and constructs. Works with development and infrastructure support management to drive security by design into security product backlogs. Collaborates in the coordination for the remediation of identified cloud risks and control deficiencies. Evaluates cloud security controls, capabilities and processes for opportunities to improve, optimize and simplify through automation. Serves as technical and function matter expert for cloud application/ container incident response, zero-day vulnerability assessments and technical investigations as needed. Assesses the risk associated with newly discovered vulnerabilities and communicates the application of vendor-supplied patches to manage risk. Basic Qualifications - Bachelor's degree in Engineering or Science, or equivalent work experience - Five or more year of experience in information security - Two or more years of experience in IT infrastructure management, application architecture, risk management, middleware technology, and IT project management Experience should include Strong exposure and engineering expertise using one or more of the public cloud service providers within the context of security (Azure, AWS, GCP) Preference for specific engineering experience with vulnerability scanning technologies such as Tenable io, DAST Central, Prisma cloud (Twistlock, Bridgecrew, Redlock, etc), FOSSA Preference for specific engineering experience with DevOps-based configuration management technologies such as Chef, Ansible, Puppet and platform tooling such as Terraform Preference for specific engineering experience or background with containerized solutions such as Docker, Kubernetes, Amazon ECS, etc. Special consideration for specific engineering experience or background with API security solutions such as NoName, Cequence, Apigee, Synopsys API, etc. Bonus points for experience managing and provisioning infrastructure through code via machine readable contracts instead of through manual process (IaC) Experience with the use of code to define and manage rules and conditions (using Python, YAML, etc) to assure enforcements based on specific tool sets (PaC and OPA in AWS CDK) Experience and familiarity planning and deploying constructs that scale and provide full lifecycle security for containerized environments from pipeline to perimeter Experience implementing and managing operational responsibilities for detection/management of vulnerabilities across cloud application lifecycle, container images and serverless functions to prevent security and compliance issues from progressing through the development pipeline Exposure to leveraging behavioral learning to automate the creation and enforcement of security models/ profiles for API protection, container security and cloud application security If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants. Learn how the way we work at U.S. Bank drives meaningful relationships with our customers and collaboration across the company. Benefits: Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours): Healthcare (medical, dental, vision) Basic term and optional term life insurance Short-term and long-term disability Pregnancy disability and parental leave 401(k) and employer-funded retirement plan Paid vacation (from two to five weeks depending on salary grade and tenure) Up to 11 paid holiday opportunities Adoption assistance Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law EEO is the Law U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS EEO poster. E-Verify U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program. Due to legal requirements, U.S. Bank requires that the successful candidate hired for some positions be fully-vaccinated for COVID-19, absent being granted an accommodation due to a medical condition, pregnancy, or sincerely held religious belief or other legally required exemption. For these positions, as part of the conditional offer of employment, the successful candidate will be asked to provide proof of vaccination or approval for an accommodation or exemption upon hire. Our 74,000 employees work across departments to help our millions of retail, business, wealth management, payment, commercial and corporate, and investment services customers across the country and around the world turn their dreams into reality. Our employees are empowered to create change and drive our future, and we pride ourselves on diligently and ethically upholding U.S. Bank’s best-in-class financial record and legacy of more than 150 years in banking. Most importantly, we put people first, cultivating and treasuring meaningful relationships with the customers we serve, the colleagues we support and the communities where we live and work.