Senior Information Security Risk and Compliance Consultant


At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, we’re one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.



U.S. Bank is seeking a Senior Information Security Risk and Compliance Consultant to carry the banner of Information Security in a Risk Management environment. We are seeking someone who can partner with our businesses and assist them in achieving compliance with various information security focused statutory and regulatory requirements. If you are an Information Security practitioner who gets excited about helping people, using your knowledge and skills to provide meaningful value and having responsibility for the security of extremely valuable assets, you might be the person we are looking for.

Some of the responsibilities for our ideal candidate would be:
· Assessing systems, processes or controls for effectiveness and compliance with regulatory and industry standards
· Reviewing new and existing statutory/regulatory requirements for the potential impact at U.S. Bank
· Thinking outside the box to initiate improvements of processes or methodologies
· Automating security control evaluation
· Partnering with business lines in implementation of information security controls which meet regulatory or industry standard compliance

The ideal candidate will be able to translate information security focused regulatory and industry standards (ISO27001, GDPR, FFIEC, PCI etc.) into specific control requirements. This person should have a strong understanding of modern computer systems in order to provide specific guidance on control implementation. Addditionally:

· Strong writing skills with experience in documenting test procedures and results
· Skilled in leading and coordinating work efforts of other team members to meet tactical and strategic goals
· Experience with program management and measurement through development and implementation of process efficiency and effectiveness measurements
· Ability to analyze and articulate implications of compliance requirements
· Skilled at communicating technical information to non-technical audiences and stakeholders at every level of the organization
· Ability to build and maintain relationships across diverse technical and non-technical teams
· Effective in communication with management and senior leadership, as well as internal & external auditors





Minimum Requirements:
· Bachelor's degree or equivalent work experience
· Minimum of 8 years of experience in information technology and/or information security and compliance
· Understanding of legal, regulatory and compliance requirements for information security in the financial industry
· Demonstrated leadership with teams/individuals and large/complex enterprise projects
· Effective communication
· Proficient in MS Office tool suite including, Excel, PowerPoint, SharePoint and Visio

Preferred Skills:
· Graduate/Master's level degree in the areas of business administration, information security, computer science, information technology management, technology auditing
· Experience in risk and compliance management and process development in the areas of information technology and security
· Highly skilled in developing executive-level presentations and strategies that include process diagrams and designs
· Working knowledge of RSA Archer tool
· Experience in OS System Administration
· Industry certifications in the area of information security, project management and technology auditing including, CISSP, CISM, CGEIT, CISA, GIAC GSEC, CRISC



Information Technology

Primary Location

United States


1st - Daytime

Average Hours Per Week