Sr. Information Security Specialist

U.S. Bank is seeking a Senior Information Security Specialist with demonstrated competence in Data Loss Prevention (DLP) and experience to contribute toward the success of our technology initiatives. This person will provide support to clients, management, security partners, and security operations. In this role, the individual will review, develop, and implement data security remediation plans in collaboration with business line risk teams. Will leverage data security as an opportunity to enhance controls, improve training or re-engineer business processes. Will review circumstances surrounding data security risks and partner with delivery teams on corrective actions. The person will document remediation procedures and track efficacy as well as provide implementation support for risk assessment and data security procedures and products.

Responsibilities include:

• Independently investigate and analyze security incidents, identifying false positives and true positives.
• Troubleshoot DLP support issues to determine resolution.
• Work with the business (end-user, managers, Risk Managers) to identify and resolve DLP issues causing business interruption.
• Collaborate with cross-functional teams to provide support to the business.
• Assist in refining DLP policies based on support issues, false positives, incident trends and organizational needs.

• Develop and implement DLP strategies aligned with the organization's risk profile and compliance requirements.
• Identify areas of remediation by analysis of DLP data for trends and outliers to target areas of risk.
• Collaborate with business partners to assist in implementing solutions to remediate areas of data security risk.
• Lead initiatives to enhance DLP support and remediation processes.

• Perform data analysis to identify data security risks across the enterprise.
• Define and build reports and dashboards to demonstrate data security risks and highlight trends.
• Perform scheduled reporting tasks to deliver data to the business to meet control requirements and support risk remediation efforts.

Basic Qualifications

• Bachelor's degree or equivalent work experience
• At least five years of experience with the processes, tools, techniques, and practices for assuring adherence to quality standards associated with information technology and data security.

Experience Should Include

• 3 years’ experience in Information Security and Data Loss Prevention (DLP) frameworks
• 3 years’ experience supporting business lines/stakeholders in evaluating and remediating security risk.
• 3 years demonstrated experience working with customers to troubleshoot and resolve issues.
• 3 years’ experience working with IT standards, procedures, and policies including NIST & ISO27000
• 3 years’ experience tracking and reporting on monthly metrics
• 4 years’ experience with MS-Office (advanced Excel)
• 5 years’ demonstrated experience documenting risk analysis results and technical writing

• Experience interpreting data, analyzing results using statistical techniques and providing ongoing reports.
• Strong analytic skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
• Adept at queries, report writing and presenting findings.

• Proven ability to present analyses to leadership with observations and recommendations.
• Ability to build and maintain effective relationships with cross-functional teams, senior leadership, and technical resources.
• Experience presenting findings and communicating technical information to non-technical audiences and stakeholders.
• Excellent problem-solving skills and willingness to solve open-ended problems while demonstrating an ability to work independently.
• Professional written and verbal skills

Preferred Skills/Experience

• Certified Information System Security Professional (CISSP) or equivalent certification/experience
• CISA, CISM, CRISC
• GIAC GSEC

• Experience with databases (SQL, etc), data transformation tools (Tableau Prep, Alteryx, etc) and visualization tools (Tableau, PowerBI, etc).

• Experience with the Microsoft DLP Suite

#ISS