Sr. Information Security Risk Analyst

Sr. Information Security Risk Analyst

As part of UMB's Corporate Information Security and Privacy (CISP) team, the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. CISP works closely with all lines of business. This role will work especially close with UMB enterprise technology and information security teams to ensure data protection initiatives are present, usable and, understood within the organization.

As the Sr. Information Security Risk Analyst, you will be responsible for supporting UMB's Information Security Program to ensure UMB is able to address rapidly changing threats, technologies, and business conditions. This is a subset of the overall responsibilities which involves other multiple initiatives as assigned by Corporate Risk leadership.

This role is hybrid (Mon through Thu on-site / Fri remote) located in our downtown Kansas City, MO headquarters.

How you will spend your time:

• Collaborate and drive security initiatives, working with people across multiple teams and diverse functions.
• Enable the business and other stakeholders to make risk-aware decisions by advising business units and technology leaders of the information security risks and proposing acceptable risk treatment options and alternatives.
• Support the information security program efforts through the collection of performance indicators, metrics, and other evidence and communicating relevant, succinct, and actionable recommendations to leadership.
• Support UMB's PCI-DSS compliance and assessment activities while supporting our internal technology and business teams across the organization.
• Proactively maintain a current and working understanding of information security best practices, the practical application of security concepts, relevant information security and technology regulations, threats, and industry trends.
• Assist in responding to internal/external audits, including third-party security assessments, if applicable.
• Maintain a current and working understanding of relevant information security and technology regulations and industry trends, including UMB Information Security Policies and the practical application of the Policies.
• Manage multiple simultaneous workstreams supporting disparate stakeholders, providing appropriate and timely communication of issues, concerns, risks, and status.

We are excited to talk if you have:

• Bachelor's degree in Management Information Systems (MIS), Computer Science or a related discipline OR equivalent work experience.
• At least 5 years of experience in information security, security audit, or information security risk management/compliance.
• Working knowledge and practical application of the PCI-DSS compliance framework and how organizations meet those requirements.
• Strong knowledge of risk and controls, including working knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL.
• Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously.
• Understanding of and practical experience with information security risk assessments and information security audits.

Bonus Points if you have:

• CISSP, CRISC, SEC+, PCI-DSS ISA/PCIP or applicable certifications/accreditation.
• Strong understanding of information security regulatory requirements and best practices.
• General understanding of banking and financial services processes, and the related risks to securing and managing data.

Applicants must have legal authority to work in the United States. Work Visa sponsorship is not available for this position.

Targeted compensation for this opening: The posted salary range reflects the broadest standard range for this role, including all locations. The anticipated compensation for this specific position is $100,000 – 120,000.

UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary.

UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law.