Minnesota Staffing
Senior Cloud Detection Engineer
At U.S. Bank, we're on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel atall from Day One. About the Role
We are seeking a highly skilled and motivated Senior Cloud Detection Engineer to join our Threat Detection Engineering team. This role is critical to advancing our Threat-Informed Defense strategy by developing and maintaining detection capabilities across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), with a strong emphasis on container security. The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations: Minneapolis, MN Cincinnati, OH Atlanta, GA Charlotte, NC Irving, TX You will collaborate closely with Cyber Threat Intelligence, Threat Hunting, and SOC Response teams to build scalable, resilient, and actionable detections that improve visibility and reduce risk across our cloud environments. Key Responsibilities
Design and implement detection logic for cloud-native threats across AWS, Azure, and GCP. Develop and maintain container security detections (e.g., Kubernetes, Docker, EKS, AKS, GKE). Integrate detections into SIEM and XDR platforms, ensuring high fidelity and low noise. Collaborate with CTI and Threat Hunting teams to operationalize threat intelligence into detection use cases. Conduct gap analysis and contribute to visibility improvement initiatives. Participate in purple team exercises and breach & attack simulations to validate detection coverage. Provide technical mentorship to junior engineers and contribute to detection engineering standards. Preferred Skills/Experience
5+ years of experience in cybersecurity with a focus on cloud detection engineering. Typically a bachelor's degree or equivalent experience. Advanced technical and functional subject matter expert knowledge across security domains. Deep understanding of AWS, Azure, and GCP security services and logging (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs). Hands-on experience with container orchestration platforms and security tools (e.g., Falco, Sysdig, Aqua, Prisma Cloud). Proficiency in writing detection rules using Sigma, KQL, SPL, or similar query languages. Familiarity with MITRE ATT&CK Framework and its cloud matrix. Experience with SIEM/XDR platforms (e.g., Splunk, Sentinel, Chronicle, Elastic). Strong scripting skills (Python, PowerShell, Bash) for automation and enrichment. Certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer. Experience with Infrastructure-as-Code (IaC) and CI/CD pipeline security. Exposure to threat modeling and adversary emulation in cloud environments. AI-Enabled Systems Defense Skills
Understanding of AI/ML threat models, including adversarial machine learning, model inversion, data poisoning, and evasion techniques. Experience securing ML pipelines and infrastructure, including model training, deployment, and monitoring stages. Familiarity with AI-specific logging and telemetry, such as model inference logs, feature drift, and anomaly detection. Ability to develop detections for AI misuse or abuse scenarios, including prompt injection, unauthorized model access, and synthetic identity generation. Knowledge of AI governance and compliance frameworks, including NIST AI RMF, EU AI Act, and emerging standards. Collaboration with data science and ML engineering teams to ensure secure model development and deployment practices. Why Join Us?
Be part of a forward-thinking cyber defense organization driving Threat-Informed Defense. Work with cutting-edge technologies and a collaborative team of experts. Influence detection strategy and help shape the future of cloud security. Benefits
Our approach to benefits and total rewards considers our team members' whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours): Healthcare (medical, dental, vision) Basic term and optional term life insurance Short-term and long-term disability Pregnancy disability and parental leave 401(k) and employer-funded retirement plan Paid vacation (from two to five weeks depending on salary grade and tenure) Up to 11 paid holiday opportunities Adoption assistance Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.
At U.S. Bank, we're on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel atall from Day One. About the Role
We are seeking a highly skilled and motivated Senior Cloud Detection Engineer to join our Threat Detection Engineering team. This role is critical to advancing our Threat-Informed Defense strategy by developing and maintaining detection capabilities across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), with a strong emphasis on container security. The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations: Minneapolis, MN Cincinnati, OH Atlanta, GA Charlotte, NC Irving, TX You will collaborate closely with Cyber Threat Intelligence, Threat Hunting, and SOC Response teams to build scalable, resilient, and actionable detections that improve visibility and reduce risk across our cloud environments. Key Responsibilities
Design and implement detection logic for cloud-native threats across AWS, Azure, and GCP. Develop and maintain container security detections (e.g., Kubernetes, Docker, EKS, AKS, GKE). Integrate detections into SIEM and XDR platforms, ensuring high fidelity and low noise. Collaborate with CTI and Threat Hunting teams to operationalize threat intelligence into detection use cases. Conduct gap analysis and contribute to visibility improvement initiatives. Participate in purple team exercises and breach & attack simulations to validate detection coverage. Provide technical mentorship to junior engineers and contribute to detection engineering standards. Preferred Skills/Experience
5+ years of experience in cybersecurity with a focus on cloud detection engineering. Typically a bachelor's degree or equivalent experience. Advanced technical and functional subject matter expert knowledge across security domains. Deep understanding of AWS, Azure, and GCP security services and logging (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs). Hands-on experience with container orchestration platforms and security tools (e.g., Falco, Sysdig, Aqua, Prisma Cloud). Proficiency in writing detection rules using Sigma, KQL, SPL, or similar query languages. Familiarity with MITRE ATT&CK Framework and its cloud matrix. Experience with SIEM/XDR platforms (e.g., Splunk, Sentinel, Chronicle, Elastic). Strong scripting skills (Python, PowerShell, Bash) for automation and enrichment. Certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer. Experience with Infrastructure-as-Code (IaC) and CI/CD pipeline security. Exposure to threat modeling and adversary emulation in cloud environments. AI-Enabled Systems Defense Skills
Understanding of AI/ML threat models, including adversarial machine learning, model inversion, data poisoning, and evasion techniques. Experience securing ML pipelines and infrastructure, including model training, deployment, and monitoring stages. Familiarity with AI-specific logging and telemetry, such as model inference logs, feature drift, and anomaly detection. Ability to develop detections for AI misuse or abuse scenarios, including prompt injection, unauthorized model access, and synthetic identity generation. Knowledge of AI governance and compliance frameworks, including NIST AI RMF, EU AI Act, and emerging standards. Collaboration with data science and ML engineering teams to ensure secure model development and deployment practices. Why Join Us?
Be part of a forward-thinking cyber defense organization driving Threat-Informed Defense. Work with cutting-edge technologies and a collaborative team of experts. Influence detection strategy and help shape the future of cloud security. Benefits
Our approach to benefits and total rewards considers our team members' whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours): Healthcare (medical, dental, vision) Basic term and optional term life insurance Short-term and long-term disability Pregnancy disability and parental leave 401(k) and employer-funded retirement plan Paid vacation (from two to five weeks depending on salary grade and tenure) Up to 11 paid holiday opportunities Adoption assistance Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.