At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.
Job Description
The Data Protection Operations Engineer is a critical role within the Information Security Technology Operations team, focused on identifying and protecting sensitive bank information from threats and misuse. The incumbent will focus on enabling database monitoring activity within the Cyber Defense Operations Team. The role includes alerting/detection and complex security attack event correlation services, report creations and brings new database sources onboarded into the DAM tools. The incumbent will be part of the team that manages tools and technologies pertinent to securing sensitive data in transit and at rest using Database Monitoring, Cloud Access Security Broker (CASB), Data Leakage Protection (DLP), Data Classification, Tokenization, and Encryption technologies. The position will perform as a lead subject matter expert (SME) for data protection technologies, including the oversight and improvement of solution health, performance, stability, and ongoing support. Additional responsibilities include creating reports, writing documentation, implementing organizational policies, and ensuring implemented solutions meet the security requirements for supported projects and initiatives.
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations:
Cincinnati, OH
Minneapolis, MN
Charlotte, NC
Main Duties
• Serve as a Level 3 SME for the pertinent technologies.
• Perform management activities such as implementation, monitoring, periodic access reviews, licensing attestations, capacity planning, scalability testing, fail-over testing, backup/recovery planning, disaster recovery and audit compliance.
• Implement tasks/projects critical to the organization’s data protection technologies.
• Perform analysis of events/incidents to identify and enhance Database Monitoring and Tokenization / Encryption controls
• Research and document security best practices to proactively identify security gaps including vendor review, technology evaluations, demos, and proof of concept trials.
• Identify, isolate, and document solution defects and work with the owner/vendor to bring issues to resolution.
• Create and regularly evaluate process, quality control, and configuration management documentation.
• Instruct, monitor, and mentor L1/L2 resource personnel and team(s) to assist in streamlining operational activities and processes.
• Develop, manage, and maintain DAM tool / coverage metrics, appropriate change management and risk records
• Minimize software vulnerabilities for pertinent technologies by the regular review and implementation of software patches, certificate updates, and configuration changes
• Partner with engineering to plan and implement application upgrades for pertinent technologies
• Partner with other teams to ensure the successful deployment of security tools (e.g.: Business lines, Network Operations, Database Mgmt, Risk Mgmt, Audit/Compliance, other ISS teams, Mid-Range Server Teams, Mainframe Server Teams, etc.) across multiple time-zones and countries
• Participate in an on-call rotation.
• Participate in disaster recovery exercises.
Required Skills –
• 6+ years of proven success in a similar security role.
• Prior experience with database management or database activity monitoring solutions.
• Familiarity with Relational databases as well as SQL skills.
• Experience in creating and maintaining detailed technical writing including process, procedure, and change control record documentation.
• Understanding of PCI 4.0 DSS requirements surrounding, data protection, inventory, configuration, authorization, change management, and tamper protection for payment systems.
• Experience presenting materials and evidence with internal/external auditors (e.g. PCI, SOX or regulators).
Preferred Skills -
• Strong tuning and operational experience with DAM monitoring tools (Imperva, Guardium)
• Strong tuning and operational experience with Data Tokenization tools (Voltage)
• Experience implementing and maintaining solutions on cloud computing platforms such as Microsoft Azure, Amazon AWS, and Google Cloud.
• Experience supporting financial services industry rules and regulations (PCI, SOX, GLBA, BASEL).
• CISSP, GIAC, CISA, or other appropriate certifications a plus.
• Project management skills.
• Security and IT metrics experience a plus; report creation abilities strongly desired.
• Experience with process automation and/or scripting.
• Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
• Familiarity with common industry best practices (ITIL, SDLC, AGILE, COBIT).
• A strong understanding of tiered defense-in-depth security design.
• Detailed technical knowledge of security engineering and operations.
• Knowledge of database concepts such as SQL (DML/DQL/DCL) and clustering.
• Familiarity with data tokenization and encryption.
• Familiarity with Big Data environments and/or Big Data security solutions.
• Confident ability to recognize security events of interest that may require improved detection/alerting capabilities.
• Experience with Windows and/or Linux/Unix Servers and numerous databases.
• Familiar with technologies in the security monitoring, event correlation and alert/detection space.
• Experience creating reports and dashboards for metrics/KPIs.
• Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices.
• Excellent organizational, time management and interpersonal skills.
• The ability to prioritize work efforts between operational tasks and strategic efforts
• Familiarity with agile methodologies, scrum, kanban, and Atlassian Jira is a plus.
• Prior experience working in agile operations teams, adhering to sprints, sprint planning, and sprint maintenance is beneficial.
• A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
• Strong attention to detail and process.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants (https://careers.usbank.com/global/en/disability-accommodations-for-applicants) .
Benefits:
Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):
Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
EEO is the Law
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS (https://eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) EEO poster.
E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program (https://careers.usbank.com/verification-of-eligibility-for-employment) .
The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, U.S. Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase 401(k) contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $108,375.00 - $127,500.00 - $140,250.00
Job postings typically remain open for approximately 20 days of the posting date listed above, however the job posting may be closed earlier should it be determined the position is no longer required due to business need. Job postings in areas with a high volume of applicants, such as customer service, contact center, and Financial Crimes investigations, remain open for approximately 5 days of the posting listed date.