At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.
Job Description
The Senior Data Encryption Engineer is a critical role within the Data Security and Insider Threat Cloud Transformations team, focused on identifying and protecting sensitive bank information from threats and misuse. The position will perform as a lead subject matter expert (SME) for data protection technologies, including the oversight and improvement of solution health, performance, stability, and ongoing support. Additional responsibilities include creating reports, writing documentation, implementing organizational policies, and ensuring implemented solutions meet the security requirements for supported projects and initiatives.
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations:
- Cincinnati, OH
- Minneapolis, MN
- Milwaukee, WI
- Charlotte, NC
Primary Responsibilities:
Build and maintain an up-to-date comprehensive central inventory of U.S. Bank cryptography objects and assets such as keys and certificates used to encrypt sensitive data which includes but not limited to:
• Symmetric/asymmetric algorithms and protocols (aes, ecc etc.)
• Key management functions: exchange, agreement, derivation, wrapping etc.
• Hash functions, initialization vectors, operations, nonces, macs, salts etc.
• Sensitive digital certificates that have private keys (pkcs12/.pfx etc.)
• Cryptography libraries (openssl etc.)
Generate up-to-date enterprise reports for cryptography objects and assets when as needed by various stakeholders for audit, governance, and encryption compliance matters.
Map cryptography objects and assets with corresponding applications, filesystems and infrastructure systems and help assign ownership based on U.S. Bank CMDB including where and how they are used.
Provide requirements to developers on the cryptographic objects and assets that needed to be scanned using APIs.
Required Skills –
• 6+ years of proven success in a similar engineering and/or security role.
Prior experience with AWS and Azure technologies.
Comfortable with using JSON, YAML, python for parsing JSON, and SQL queries
Understanding of Linux administration, IP networking, and firewalls
• Experience in creating and maintaining detailed technical writing including process, procedure, and change control record documentation.
• Understanding of PCI 4.0 DSS requirements surrounding, data protection, inventory, configuration, authorization, change management, and tamper protection for payment systems.
• Experience presenting materials and evidence with internal/external auditors (e.g. PCI, SOX or regulators).
Preferred Skills –
• In depth understanding of encryption for data in motion and at rest, and key management in the cloud.
• Excellent knowledge of basic cloud services and their configurations.
• Experience implementing and maintaining solutions on cloud computing platforms such as Microsoft Azure, Amazon AWS, and Google Cloud.
• Experience supporting financial services industry rules and regulations (PCI, SOX, GLBA, BASEL).
• CISSP, GIAC, CISA, or other appropriate certifications a plus.
• Confident ability to gain the trust of other teams to facilitate collaboration and creative problem solution.
• Security and IT metrics experience a plus; report creation abilities strongly desired.
• Experience with process automation and/or scripting.
• Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
• In depth understanding of technology risk and how it relates to security controls.
• Experience creating reports and dashboards for metrics/KPIs.
• Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices.
• Excellent organizational, time management and interpersonal skills.
• The ability to prioritize work efforts between operational tasks and strategic efforts
• Familiarity with agile methodologies, scrum, kanban, and Atlassian Jira is a plus.
• A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
• Strong attention to detail and process.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants .
Benefits:
Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):
Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
EEO is the Law
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS EEO poster.
E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about theE-Verify program .
The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, U.S. Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase 401(k) contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $108,375.00 - $127,500.00 - $140,250.00Job postings typically remain open for approximately 20 days of the posting date listed above, however the job posting may be closed earlier should it be determined the position is no longer required due to business need. Job postings in areas with a high volume of applicants, such as customer service, contact center, and Financial Crimes investigations, remain open for approximately 5 days of the posting listed date.#J-18808-Ljbffr