The candidate selected for this role will deliver security controls within AWS, GCP, and Azure to effectively manage risk within U.S. Bank’s information security practice. We are seeking a highly effective and collaborative engineer with a proven track record of operating various security technologies.
Familiar with the deployment of cloud native and third-party technologies to secure cloud platforms, eg: Cloud Workload Protection (CWPP), Cloud Security Platform Management (CSPM), and Workload Scanning solutions.
Understanding of DevSecOps capabilities in cloud offering using CI/CO toolset and automation.
Knowledge of the regulatory landscape for public cloud and the implementation patterns required to be compliant,
Work with Incident Response team to build in ability to rapidly detect, contain, investigate, eradicate, and recover from security incidents. Familiarity with MITRE A@TTACK is a plus.
The ideal candidate will have a well-rounded and highly technical background with a strong understanding of operating security technologies and cloud fundamentals. The candidate should have familiarity with industry security frameworks and best practices (e.g., ITIL, NIST CyberSecurity Framework, COBIT, etc.). The candidate should also understand and have experience with the regulatory, legal and contractual requirements impacting financial institutions (e.g., FISMA, GLBA, SOX, GDPR, PSD2, SOC2, and PCI DSS). The candidate additionally will have or exhibit the following:
Technical experience with networks, operating systems, applications and other aspects of information technology architecture.