At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

Job Description

This position is within the Technology and Security Risk Oversight team that resides in the Operational Risk Management function.

The Cloud Risk Oversight Analyst provides oversight and credible challenge to LOB/functions and escalates concerns, as appropriate, in support of the Bank's Risk Management Framework. This position is responsible for providing oversight and challenge to information technology and security activities, with a focus on those related to cloud. Maintains a balance between increased efficiency and appropriate risk mitigation and controls for the Line of Business (LOB)/function in alignment with Operational Risk Management vision and strategy and the LOB strategic plan. This position is responsible for oversight and challenge of control/risk assessments and the development of control enhancement recommendations.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues and ensuring that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

Essential Duties and Responsibilities

• Understand all operational risk program elements (i.e., IT/CSRM, RCSA, BCRA, etc.), methodology, governance, standards, and procedures, including templates and overall framework.

• Understand the organizational structure, key management personnel, and primary objectives of the LOBs supported.

• Keep up to date on the industry standards, best-practices, and regulatory requirements and guidelines related to safeguarding the confidentiality, integrity, and availability of the Bank's sensitive information; includes GLBA, PCI, FFIEC, Fed, and other related state/federal requirements. Ensure the operational risk appetite is understood by the business.

• Partner with LOB for risk Issue identification, escalation, and resolution. Oversee the identification and documentation of key operational processes, risks, and controls in the technology function.

• Provide oversight as 1st LOD completes their impact assessment and determination of changes needed and risk rating of the change. May provide challenge as working with more senior risk team members.

• Provides oversight and credible challenge to operational loss root cause analysis and action plans.

• Performs periodic Reviews of LOB procedures and Provides guidance for new processes.

Basic Qualifications

• Bachelor's degree, or equivalent work experience

• Typically 8+ years of applicable experience

Preferred Skills/Experience

• Five or more years of information technology experience required. Desired experience should include a foundation in IT security and controls

• Appropriate Azure certifications (AZ-900 and AZ-500 – may be in progress)

• Cloud, Risk and Cybersecurity certification (CISSP, CRISC, CISA, CISM, CCAK, CCSK)

• Knowledge of technology and security frameworks, such as NIST

• Professional verbal and written communication skills and the ability to communicate with discretion and understanding when confidentiality is needed

• General understanding of banking regulations is preferred

• Working knowledge of Microsoft Office products. Demonstrated ability to learn applications and internal banking systems.

• Expert knowledge of applicable laws, regulations, financial services, and regulatory trends that impact their assigned line of business

• Understand DevSecOps or system development lifecycle (SDLC) for Cloud migration

• Advanced knowledge of Risk/Compliance/Audit competencies

• Advanced knowledge of cloud technologies and oversight best practices

• Experience with and or understanding of cloud monitoring tools and methods

• Experience designing, implementing, and/or assessing business process, regulatory and IT internal controls, especially related to cloud environments

The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days.

If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.

Benefits:

Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):

• Healthcare (medical, dental, vision)

• Basic term and optional term life insurance

• Short-term and long-term disability

• Pregnancy disability and parental leave

• 401(k) and employer-funded retirement plan

• Paid vacation (from two to five weeks depending on salary grade and tenure)

• Up to 11 paid holiday opportunities

• Adoption assistance

• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.

E-Verify

U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.

The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, U.S. Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase 401(k) contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $119,765.00 - $140,900.00 - $154,990.00

U.S. Bank will consider qualified applicants with arrest or conviction records for employment. U.S. Bank conducts background checks consistent with applicable local laws, including the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act as well as the San Francisco Fair Chance Ordinance. U.S. Bank is subject to, and conducts background checks consistent with the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA). In addition, certain positions may also be subject to the requirements of FINRA, NMLS registration, Reg Z, Reg G, OFAC, the NFA, the FCPA, the Bank Secrecy Act, the SAFE Act, and/or federal guidelines applicable to an agreement, such as those related to ethics, safety, or operational procedures.

Applicants must be able to comply with U.S. Bank policies and procedures including the Code of Ethics and Business Conduct and related workplace conduct and safety policies.

Posting may be closed earlier due to high volume of applicants.