U.S. Bank Hiring for Application Security Engineer – Remote at Harrisburg, Pennsylvania Full Time

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

Job Description

U.S. Bank is seeking an Application Security Engineer to help us protect our applications, services, and infrastructure from security threats. As part of our Application Security Engineering team, you will be responsible for identifying and mitigating potential risks, ensuring the confidentiality, integrity, and availability of our systems, and working closely with development teams to build secure software.

Working as part of a dynamic agile team, the Application Security Engineer will be a member of a security engineering overseeing vulnerability management products. This role will be an individual contributor for supporting software engineering teams responsible for the most complex and technologically driven digital transformation products with the largest market demand; deemed as vital to the organization. Operates at a highly independent level, consulting with management on the potential implications of various actions. Heavily contributes to the development of short- and long-term goals to meet product objectives and the implementation of appropriate long term strategic plans. Requires a strong knowledge and passion for application security.

Responsibilities:

• Assess, design, and implement security measures for our applications, systems, and networks.

• Conduct regular security assessments, code reviews, and vulnerability scans to identify potential risks.

• Ability to recognize and address antipatterns at scale

• Collaborate with development teams to promote secure coding practices and resolve security issues in a timely manner.

• Develop and maintain security policies, procedures, and guidelines for the organization.

• Create and deliver training programs to educate staff on application security best practices.

• Lead incident response activities, including investigation, remediation, and post-mortem analysis.

• Stay up to date on the latest security trends, tools, and technologies, and recommend improvements to our security posture.

• Support application security tooling for engineering teams.

Basic Qualifications

• Bachelor’s degree in computer science or information Security or equivalent work experience

• At least five years of experience with the processes, tools, techniques, and practices for assuring adherence to quality standards associated with developing, enhancing, and operationalizing application systems and databases.

Preferred Skills and Competencies

• Three years of Java or other object-oriented programming experience

• Five or more years of demonstrated application security experience.

• Familiarity with OWASP ASVS, ISO 27034, NIST 800-53 Frameworks.

• Proficiency auditing object-oriented languages for vulnerabilities.

• Experience deploying applications in Azure or other public cloud environments.

• Experience deploying containerized applications.

• Strong knowledge of secure software development practices, web application security, and cloud security.

• Experience with security application security tooling such as SAST, DAST, IAST, SCA

• Experience threat modeling applications and services for threats and mitigations.

• Strong analytical and problem-solving skills, with the ability to adapt to new challenges quickly.

• Excellent communication skills, both written and verbal, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.

• Relevant security certifications (e.g., GWAPT, CISSP, CEH, or OSCP) are highly desirable.

• Dedication to keep current by researching security standards and best practices, security monitoring systems, encryption technologies, authentication protocols etc.

#ISS

#LI-REMOTE

If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants (https://careers.usbank.com/global/en/disability-accommodations-for-applicants) .

Learn how the way we work at U.S. Bank (https://assets.phenompeople.com/CareerConnectResources/prod/UBNAGLOBAL/documents/Thewaywework-1666895142717.pdf) drives meaningful relationships with our customers and collaboration across the company.

Benefits:

Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That’s why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):

• Healthcare (medical, dental, vision)

• Basic term and optional term life insurance

• Short-term and long-term disability

• Pregnancy disability and parental leave

• 401(k) and employer-funded retirement plan

• Paid vacation (from two to five weeks depending on salary grade and tenure)

• Up to 11 paid holiday opportunities

• Adoption assistance

• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

EEO is the Law

U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS (https://eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf) EEO poster.

E-Verify

U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program (https://careers.usbank.com/verification-of-eligibility-for-employment) .

The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, US Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase 401k contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $99,365.00 – $116,900.00 – $128,590.00

U.S. Bank will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance.