U.S. Bank is seeking an experienced Senior Boundary Protection Operations Engineer with demonstrated competence and thought leadership capability to contribute toward the success of our technology initiatives. The Boundary Protection Operations Engineer will be primarily responsible for implementing and supporting security solutions and technologies to help protect the organization’s data resources from unauthorized access, use, disclosure, destruction, modification, or disruption. Responsible for the delivery of applications and infrastructure that meet the highest standards, thus maintaining and enhancing customer trust. Analyzes system services, operating systems, networks and applications from a security perspective, discovering security issues that appear under new threat scenarios.
The Boundary Protection Operations Engineer is a critical role within the Information Security Technology Operations team, focused on identifying and protecting sensitive bank information from threats and misuse. The incumbent will focus on managing the tools and technologies pertinent to securing sensitive information through the use of Web Application Firewalls (WAF) and proxy servers, as well as intrusion prevention systems and other systems/services to protect against advanced cyber threats. The position will perform as a subject matter expert (SME) for data protection technologies, including the oversight and improvement of solution health, performance, stability, and ongoing support. Additional responsibilities include creating reports, writing documentation, implementing organizational policies, and ensuring implemented solutions meet the security requirements for supported projects and initiatives.
• Serve as a Level 3 SME for the pertinent technologies.
• Perform management activities such as design, implementation, monitoring, capacity planning, scalability testing, fail-over testing, backup/recovery planning, disaster recovery and audit compliance.
• Implement tasks/projects critical to the organization’s data protection technologies.
• Deploy and operate solutions including, but not limited to, WAF, IDPS and forward/reverse proxies.
• Perform analysis of events/incidents and provide remediation suggestions to relevant owners.
• Research and document security best practices to proactively identify security gaps including vendor review, technology evaluations, demos, and proof of concept trials.
• Identify, isolate, and document solution defects and work with the owner/vendor to bring issues to resolution.
• Create and regularly evaluate process, quality control, and configuration management documentation.
• Partner with other teams to ensure the successful deployment of security tools (e.g., business lines, Network Operations, Risk Mgmt, Audit/Compliance, other ISS teams, etc.).
• Participate in an on-call rotation.
• Participate in disaster recovery exercises.
• Bachelor's degree in Engineering or Science, or equivalent work experience
• Five or more years of experience in information security
• Two or more years of experience in IT infrastructure management, application architecture, risk management, middleware technology, and IT project management
• 6+ years of proven success in a similar security or operations role.
• Familiarity with common industry best practices (ITIL, SDLC, AGILE).
• A strong understanding of tiered defense security design.
• Strong technical knowledge of security/network engineering and operations.
• Strong knowledge of networking concepts and technologies.
• Experience with two or more of the following: Cisco WSA, Cisco ESA, Cisco Stealthwatch, McAfee NSM, Akamai Kona, Imperva WAF, FireEye, Carbon Black or OpenDNS.
• Knowledge of tokenization and encryption.
• Confident ability to recognize security events of interest that may require improved detection/alerting capabilities.
• Extensive experience with Linux/Unix Servers or Windows Servers.
• Familiar with technologies in the monitoring, event correlation and alert/detection space.
• Experience creating reports and solutions to capture metrics/KPIs.
• Effectively communicate technical information to non-technical audiences and influence others to comply with policies/conform to standards and best practices.
• Excellent organizational, time management and interpersonal skills.
• Strong attention to detail and process.
• Project management skills.
• Systems integration experience.
• CISSP, GIAC, CISA, or other appropriate certifications a plus.
• Experience with process automation, development and/or scripting (e.g., RESTful API, XML, Java, Ruby, Python, C#, Power/Unix Shell, etc.) a plus.
• Experience with NoSQL analytics a plus (Solr, Splunk, ELK).
• Experience with audit related frameworks, such as the NIST Cyber Security Framework and Common Control Framework.
1st - Daytime