Data Security Encryption Engineer
at US Bank National Association
Minneapolis, MN 55402, USA -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 16 Nov, 2024 | USD 140250 Annual | 16 Aug, 2024 | 6 year(s) or above | Interpersonal Skills,Motion,Agile Methodologies,Scrum,Metrics,Microsoft Azure,Time Management,Collaboration,Key Management,Kanban,Encryption,Rest,Dashboards,Cisa,Google Cloud,Security Controls,Giac,Control Framework,Technology Risk,Cissp,Regulations | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.
JOB DESCRIPTION
The Senior Data Encryption Engineer is a critical role within the Data Security and Insider Threat Cloud Transformations team, focused on identifying and protecting sensitive bank information from threats and misuse. The position will perform as a lead subject matter expert (SME) for data protection technologies, including the oversight and improvement of solution health, performance, stability, and ongoing support. Additional responsibilities include creating reports, writing documentation, implementing organizational policies, and ensuring implemented solutions meet the security requirements for supported projects and initiatives.
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations:
- Cincinnati, OH
- Minneapolis, MN
- Milwaukee, WI
- Charlotte, NC
Primary Responsibilities:
Build and maintain an up-to-date comprehensive central inventory of U.S. Bank cryptography objects and assets such as keys and certificates used to encrypt sensitive data which includes but not limited to:
- Symmetric/asymmetric algorithms and protocols (aes, ecc etc.)
- Key management functions: exchange, agreement, derivation, wrapping etc.
- Hash functions, initialization vectors, operations, nonces, macs, salts etc.
- Sensitive digital certificates that have private keys (pkcs12/.pfx etc.)
- Cryptography libraries (openssl etc.)
Generate up-to-date enterprise reports for cryptography objects and assets when as needed by various stakeholders for audit, governance, and encryption compliance matters.
Map cryptography objects and assets with corresponding applications, filesystems and infrastructure systems and help assign ownership based on U.S. Bank CMDB including where and how they are used.
Provide requirements to developers on the cryptographic objects and assets that needed to be scanned using APIs.
Required Skills –
- 6+ years of proven success in a similar engineering and/or security role.
Prior experience with AWS and Azure technologies.
Comfortable with using JSON, YAML, python for parsing JSON, and SQL queries
Understanding of Linux administration, IP networking, and firewalls
- Experience in creating and maintaining detailed technical writing including process, procedure, and change control record documentation.
- Understanding of PCI 4.0 DSS requirements surrounding, data protection, inventory, configuration, authorization, change management, and tamper protection for payment systems.
- Experience presenting materials and evidence with internal/external auditors (e.g. PCI, SOX or regulators).
Preferred Skills –
- In depth understanding of encryption for data in motion and at rest, and key management in the cloud.
- Excellent knowledge of basic cloud services and their configurations.
- Experience implementing and maintaining solutions on cloud computing platforms such as Microsoft Azure, Amazon AWS, and Google Cloud.
- Experience supporting financial services industry rules and regulations (PCI, SOX, GLBA, BASEL).
- CISSP, GIAC, CISA, or other appropriate certifications a plus.
- Confident ability to gain the trust of other teams to facilitate collaboration and creative problem solution.
- Security and IT metrics experience a plus; report creation abilities strongly desired.
- Experience with process automation and/or scripting.
- Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
- In depth understanding of technology risk and how it relates to security controls.
- Experience creating reports and dashboards for metrics/KPIs.
- Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices.
- Excellent organizational, time management and interpersonal skills.
- The ability to prioritize work efforts between operational tasks and strategic efforts
- Familiarity with agile methodologies, scrum, kanban, and Atlassian Jira is a plus.
- A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
- Strong attention to detail and process.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.
Responsibilities:
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations:
- Cincinnati, OH
- Minneapolis, MN
- Milwaukee, WI
- Charlotte, N
Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That’s why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):
- Healthcare (medical, dental, vision)
- Basic term and optional term life insurance
- Short-term and long-term disability
- Pregnancy disability and parental leave
- 401(k) and employer-funded retirement plan
- Paid vacation (from two to five weeks depending on salary grade and tenure)
- Up to 11 paid holiday opportunities
- Adoption assistance
- Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by la
REQUIREMENT SUMMARY
Min:6.0Max:11.0 year(s)
Information Technology/IT
IT Software - Other
Software Engineering
Graduate
Proficient
1
Minneapolis, MN 55402, USA