U.S. Bank
Join to apply for the
Sr Cloud Detection Engineer
role at
U.S. Bank
At U.S. Bank, we’re on a journey to do our best. This role is within the Threat Detection Engineering team and focuses on developing and maintaining detection capabilities across AWS, Azure, and Google Cloud Platform (GCP), with emphasis on container security.
About the Role We are seeking a highly skilled and motivated Senior Cloud Detection Engineer to join our Threat Detection Engineering team. This role is critical to advancing our Threat-Informed Defense strategy by developing and maintaining detection capabilities across cloud environments, with a strong emphasis on container security.
The role offers a hybrid/flexible schedule with in-office expectation of 3 or more days per week and flexibility to work remotely for the remaining days, at one of the following locations:
Minneapolis, MN
Cincinnati, OH
Atlanta, GA
Charlotte, NC
Irving, TX
You will collaborate closely with Cyber Threat Intelligence, Threat Hunting, and SOC Response teams to build scalable, resilient, and actionable detections that improve visibility and reduce risk across our cloud environments.
Key Responsibilities
Design and implement detection logic for cloud-native threats across AWS, Azure, and GCP.
Develop and maintain container security detections (e.g., Kubernetes, Docker, EKS, AKS, GKE).
Integrate detections into SIEM and XDR platforms, ensuring high fidelity and low noise.
Collaborate with CTI and Threat Hunting teams to operationalize threat intelligence into detection use cases.
Conduct gap analysis and contribute to visibility improvement initiatives.
Participate in purple team exercises and breach & attack simulations to validate detection coverage.
Provide technical mentorship to junior engineers and contribute to detection engineering standards.
Preferred Skills/Experience
5+ years of experience in cybersecurity with a focus on cloud detection engineering.
Typically a bachelor's degree or equivalent experience
Advanced technical and functional subject matter expert knowledge across security domains
Additional Skills
Deep understanding of AWS, Azure, and GCP security services and logging (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs).
Hands-on experience with container orchestration platforms and security tools (e.g., Falco, Sysdig, Aqua, Prisma Cloud).
Proficiency in writing detection rules using Sigma, KQL, SPL, or similar query languages.
Familiarity with MITRE ATT&CK Framework and its cloud matrix.
Experience with SIEM/XDR platforms (e.g., Splunk, Sentinel, Chronicle, Elastic).
Strong scripting skills (Python, PowerShell, Bash) for automation and enrichment.
Certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer.
Experience with Infrastructure-as-Code (IaC) and CI/CD pipeline security.
Exposure to threat modeling and adversary emulation in cloud environments.
AI-Enabled Systems Defense Skills
Understanding of AI/ML threat models, including adversarial machine learning, model inversion, data poisoning, and evasion techniques.
Experience securing ML pipelines and infrastructure, including model training, deployment, and monitoring stages.
Familiarity with AI-specific logging and telemetry, such as model inference logs, feature drift, and anomaly detection.
Ability to develop detections for AI misuse or abuse scenarios, including prompt injection, unauthorized model access, and synthetic identity generation.
Knowledge of AI governance and compliance frameworks, including NIST AI RMF, EU AI Act, and emerging standards.
Collaboration with data science and ML engineering teams to ensure secure model development and deployment practices.
Why Join Us Be part of a forward-thinking cyber defense organization driving Threat-Informed Defense. Work with cutting-edge technologies and a collaborative team of experts. Influence detection strategy and help shape the future of cloud security.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.
Benefits Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. Our benefits include the following (some may vary based on role, location or hours):
Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services.
The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. Pay Range: $111,605.00 - $131,300.00
U.S. Bank will consider qualified applicants with arrest or conviction records for employment. U.S. Bank conducts background checks consistent with applicable local laws and federal guidelines.
Applicants must be able to comply with U.S. Bank policies and procedures including the Code of Ethics and Business Conduct and related workplace conduct and safety policies.
Posting may be closed earlier due to high volume of applicants.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Engineering and Information Technology
Industries
Banking
#J-18808-Ljbffr
Sr Cloud Detection Engineer
role at
U.S. Bank
At U.S. Bank, we’re on a journey to do our best. This role is within the Threat Detection Engineering team and focuses on developing and maintaining detection capabilities across AWS, Azure, and Google Cloud Platform (GCP), with emphasis on container security.
About the Role We are seeking a highly skilled and motivated Senior Cloud Detection Engineer to join our Threat Detection Engineering team. This role is critical to advancing our Threat-Informed Defense strategy by developing and maintaining detection capabilities across cloud environments, with a strong emphasis on container security.
The role offers a hybrid/flexible schedule with in-office expectation of 3 or more days per week and flexibility to work remotely for the remaining days, at one of the following locations:
Minneapolis, MN
Cincinnati, OH
Atlanta, GA
Charlotte, NC
Irving, TX
You will collaborate closely with Cyber Threat Intelligence, Threat Hunting, and SOC Response teams to build scalable, resilient, and actionable detections that improve visibility and reduce risk across our cloud environments.
Key Responsibilities
Design and implement detection logic for cloud-native threats across AWS, Azure, and GCP.
Develop and maintain container security detections (e.g., Kubernetes, Docker, EKS, AKS, GKE).
Integrate detections into SIEM and XDR platforms, ensuring high fidelity and low noise.
Collaborate with CTI and Threat Hunting teams to operationalize threat intelligence into detection use cases.
Conduct gap analysis and contribute to visibility improvement initiatives.
Participate in purple team exercises and breach & attack simulations to validate detection coverage.
Provide technical mentorship to junior engineers and contribute to detection engineering standards.
Preferred Skills/Experience
5+ years of experience in cybersecurity with a focus on cloud detection engineering.
Typically a bachelor's degree or equivalent experience
Advanced technical and functional subject matter expert knowledge across security domains
Additional Skills
Deep understanding of AWS, Azure, and GCP security services and logging (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs).
Hands-on experience with container orchestration platforms and security tools (e.g., Falco, Sysdig, Aqua, Prisma Cloud).
Proficiency in writing detection rules using Sigma, KQL, SPL, or similar query languages.
Familiarity with MITRE ATT&CK Framework and its cloud matrix.
Experience with SIEM/XDR platforms (e.g., Splunk, Sentinel, Chronicle, Elastic).
Strong scripting skills (Python, PowerShell, Bash) for automation and enrichment.
Certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer.
Experience with Infrastructure-as-Code (IaC) and CI/CD pipeline security.
Exposure to threat modeling and adversary emulation in cloud environments.
AI-Enabled Systems Defense Skills
Understanding of AI/ML threat models, including adversarial machine learning, model inversion, data poisoning, and evasion techniques.
Experience securing ML pipelines and infrastructure, including model training, deployment, and monitoring stages.
Familiarity with AI-specific logging and telemetry, such as model inference logs, feature drift, and anomaly detection.
Ability to develop detections for AI misuse or abuse scenarios, including prompt injection, unauthorized model access, and synthetic identity generation.
Knowledge of AI governance and compliance frameworks, including NIST AI RMF, EU AI Act, and emerging standards.
Collaboration with data science and ML engineering teams to ensure secure model development and deployment practices.
Why Join Us Be part of a forward-thinking cyber defense organization driving Threat-Informed Defense. Work with cutting-edge technologies and a collaborative team of experts. Influence detection strategy and help shape the future of cloud security.
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.
Benefits Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. Our benefits include the following (some may vary based on role, location or hours):
Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services.
The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. Pay Range: $111,605.00 - $131,300.00
U.S. Bank will consider qualified applicants with arrest or conviction records for employment. U.S. Bank conducts background checks consistent with applicable local laws and federal guidelines.
Applicants must be able to comply with U.S. Bank policies and procedures including the Code of Ethics and Business Conduct and related workplace conduct and safety policies.
Posting may be closed earlier due to high volume of applicants.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Engineering and Information Technology
Industries
Banking
#J-18808-Ljbffr