Information Security Specialist


At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.


U.S. Bank is seeking an Information Security Specialist with threat and vulnerability experience to contribute toward the success of our technology initiatives. Responsible for providing technical expertise in development and support of all activities, processes, and tools for protecting technology-based information.


  • Provides team leadership for security staff on a daily basis.
  • Serves as a technical resource within the team using experience with programming  languages such as Java, JavaScript, API(s), etc. and 
    relational database concepts and design, writing SQL queries, in MS SQL and Oracle SQL.
  • Educates, trains, and supports end-users and ISS staff in good security practices and procedures.
  • Facilitates training process by recommending and researching opportunities for the team.
  • Approves recommended changes to security policies/procedures.
  • Provides technical support to clients, management, security administrators, and network operations.
  • Leads the team in the identification of gaps in coverage for potential threats against the Bank and recommends tools to fill those gaps.
  • Notifies IT operations groups of vulnerabilities within their systems, raises awareness of security alerts that could affect systems they manage, and provides recommendations on mitigating/removing the vulnerabilities.
  • Develops guidelines for the usage, control, maintenance, and auditability of information and computer resources.
  • Provides implementation support for risk assessment and data security procedures and products.
  • Conducts the risk analysis and assessment of threats to the security of the Bank's network, systems, or information.
  • Reviews the identification of network security issues and coordinates the response in accordance with the Security Incident Management Plan.
  • Conducts forensic analysis and investigations.
  • Updates and maintains the Security Incident Management Plan.
  • Provides guidance on vulnerability assessments to help the organization develop security standards and procedures that support strategic, tactical, and operational objectives on a cost-effective basis.
  • Reviews, develops, tests, and implements data security-related infrastructure for team tools, security plans, products, and control techniques.
  • Provides analysis and implementation of complex project access requests. Works with business lines to identify initial access security requirements. Identifies possible solutions to satisfy customer requirements and security policy standards.
  • Provides guidance to junior and senior staff as appropriate.


Successful applicants will exemplify US Bank's ethical principles of uncompromising integrity, respect for others, accountability for decisions and actions, and good citizenship.





Basic Qualifications:


-Bachelor's degree or equivalent work experience
-ISACA Certified Information Security Manager
-Certified Information Systems Auditor
-Certified Information System Security Professional
-At least 7 years experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.




Preferred Skills/Experience:


Ideal candidate will have experience with:

-Multiple languages such as Java, JavaScript, API(s), etc. and understand how to detect and remedy related security issues

-Relational database concepts and design, writing SQL queries, in MS SQL and Oracle SQL
-Identity Access Management platform(s)
-SharePoint 2013 administration, workflow design, web part design, form and list/library development, and debugging using various programming languages 

Extensive experience in:
-Information security technologies
-Information security management
-Technical writing/documentation
-Change control
-Product and vendor evaluation
-IT environment
-IT standards, procedures, policy
-Information security audits
-Information security architecture


Subject matter expert in:
-Information security administration
-Network and internet security



Information Technology

Primary Location



1st - Daytime

Average Hours Per Week