U.S. Bank

Senior DevSecOps Controls Manager

U.S. Bank

full-time

Posted on:

Location: Colorado, Illinois, North Carolina • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $124,355 - $146,300 per year

Job Level

Senior

Tech Stack

AnsibleAWSAzureChefCloudCyber SecurityDockerJavaJenkinsKubernetesPuppetPythonRubyTerraform

About the role

  • Own creation, maintenance and rollout of processes and tools to automate and audit DevSecOps controls and contractual cybersecurity/privacy agreements
  • Maintain data inventory tracking of “high value client” data repositories
  • Maintain inventory of privileged accounts with access to “high value client” data
  • Coordinate and document data sharing approvals with “high value client” relationship owners
  • Oversee and consult on security impacts associated with product and system changes
  • Participate as SME in collaborative cybersecurity incident management for products and systems processing/storing “high value client” data, including review of cybersecurity logging dashboards and reports
  • Participate as SME and review control validation in reciprocal third-party security assessments, including annual PCI assessments with “high value clients”
  • Design processes and tools to facilitate automation and auditability of controls, including PCI compliance and assessments

Requirements

  • Bachelor's degree, or equivalent work experience
  • Seven or more years of experience with the processes, tools and techniques for assessing and controlling an organization's exposure to risk
  • Four or more years of experience with a total Information Technology (IT) environment
  • Secure Coding Practices: Understanding secure coding principles and common vulnerabilities
  • Cloud Security: Knowledge of cloud platforms (AWS, Azure) and their security features
  • Containerization and Orchestration: Proficiency with Docker and Kubernetes
  • Security Frameworks: Familiarity with frameworks like OWASP and NIST
  • Vulnerability Management: Ability to identify, assess, and mitigate vulnerabilities
  • Threat Modeling: Understanding how to identify potential threats and develop mitigation strategies
  • Security Testing: Experience with tools like OWASP ZAP, Burp Suite, and vulnerability scanners
  • DevOps Expertise: CI/CD experience with tools like Jenkins or GitLab
  • Infrastructure as Code (IaC): Knowledge of Terraform or CloudFormation
  • Configuration Management: Familiarity with Ansible, Puppet, or Chef
  • Scripting and Programming: Proficiency in Python, Java, or Ruby
  • Automation: Experience automating security checks and security automation tools
  • Communication: Ability to communicate security risks to technical and non-technical audiences
  • Collaboration: Work effectively with development, operations, and security teams
  • Problem-Solving, Analytical Skills, Critical Thinking, Continuous Learning
  • PCI DSS experience
  • Incident Response experience
  • Risk Assessment and Compliance Knowledge
Truist

DevSecOps Engineer

Truist
Mid · Seniorfull-timeNorth Carolina, Virginia · 🇺🇸 United States
Posted: 8 hours agoSource: truist.wd1.myworkdayjobs.com
AWSPythonTerraformUnix
Connected Logistics

DevSecOps Engineer

Connected Logistics
Senior · Leadfull-time🇺🇸 United States
Posted: 1 day agoSource: recruiting.paylocity.com
AzureCloudJenkinsKubernetesMicroservicesNoSQLSQL
Ciena

Manager, Service Reliability Engineering

Ciena
Mid · Seniorfull-time$119k–$191k / year🇺🇸 United States
Posted: 2 days agoSource: ciena.wd5.myworkdayjobs.com
CloudDistributed SystemsSwift
FactSet

Lead Site Reliability Principal Architect

FactSet
Seniorfull-time$220k–$265k / yearNew York, North Carolina, Pennsylvania, South Carolina · 🇺🇸 United States
Posted: 2 days agoSource: factset.wd108.myworkdayjobs.com
AnsibleAWSChefCloudGrafanaKubernetesPrometheusPuppetTerraform
Regions Bank

Cloud DevSecOps Engineer

Regions Bank
Senior · Leadfull-time$144k–$180k / year🇺🇸 United States
Posted: 2 days agoSource: regions.wd5.myworkdayjobs.com
AnsibleAWSAzureCloudKubernetesOpenShiftPackerTerraformVault