Principal Security Engineer - US Bank (Hawaii)
It is the individual responsibility of every employee to maintain a current awareness and understanding of and to fully comply with U.S. Bancorp's "Code of Ethics". Each employee is also expected to maintain an awareness of the banking laws, regulations, internal policies and procedures that are appropriate for his/her position.
Responsibilities:
Serve as a technical security subject matter expert across multiple security domain areas, stays current with the latest security threats, raises awareness and communicates security risks within the company.
Stay abreast of current mobile and cloud technologies, security compliance requirements, standards and industry trends in order to help achieve the goals of the department.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Develop and maintain possible threat use cases that will be used in research, analysis, assessments, and testing.
Recognize and safely utilize mobile and cloud security tools, tactics, and procedures.
Communicate status of research, analysis, and assessments activities to management.
**Qualifications:**
**Basic Qualifications**
- Bachelor's degree in Engineering or Science, or equivalent work experience
- Eight or more year of experience in information security
- Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
**Preferred Skills/Experience:**
A minimum of 1 year of Penetration Testing
In depth security knowledge in information systems and ability to identify, apply, and implement best practices.
Understanding to interpret and convey complex, difficult, or sensitive information.
CISSP recommended
Experience and proficiency with common tools such as Fortify, Data Theorem, Lookout Protection Platform, Mobile Anti-virus, Webroot, Mobile Security Framework, MITMProxy, OWASP Zed Attack Proxy, MobiSec.
Ability to perform in-depth research of the latest adversarial threat vectors and technologies to remain at the cutting edge of possible adversarial attack capabilities for mobile and cloud technology
Strong malware analysis, reverse engineering, and malware development skills
Strong technical understanding of emerging technologies such as Mobile, Cloud, and Virtualization
Ability to self-learn and maintain strong proficiency in technical tools, countermeasures, and techniques
Solid understanding of major operating systems, mobile device management, mobile application management, mobile application development, cloud security authentication, authorization, cloud compliance, cloud data protection, cloud application protection, infrastructure as a service (IaaS), network as a service, storage as a service, active directory, and associated mobile and cloud infrastructure components
Ability to examine and assess vulnerabilities through the perspective of a threat actor and articulate risk in clear terms for mobile, cloud, and virtualization
Must be able to work effectively with cross department teams and independently with teams who have various skills and backgrounds
Supports and participates in incident response and technical investigations as needed.
Ensures adherence to compliance regulations and policies. Works to develop and interpret security policies and procedures.
**Job:** Information Technology
**Primary Location:** United States
**Shift:** 1st - Daytime
**Average Hours Per Week:** 40
**Requisition ID:** 180000449
**Other Locations:** New York-NY-Home-based
