Sr. Information Security Risk Analyst (Data Governance) (Hybrid)

About the position

As part of UMB's Corporate Information Security and Privacy (CISP) team, the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. CISP works closely with all lines of business. This role will work especially close with UMB data governance, enterprise technology and information security teams to ensure data protection initiatives are present, usable and, understood within the organization. As the Sr. Information Security Risk Analyst, you will be responsible for supporting UMB's Data Governance and Information Security Programs and ensure UMB is able to address rapidly changing threats, technologies, and business conditions. The primary responsibility will be to ensure that UMB is meeting our data information governance security and regulatory compliance requirements. This is a subset of the overall responsibilities which involves other multiple initiatives as assigned by Corporate Risk leadership. This role is hybrid (Tue through Thu on-site) and could be at a location within the UMB footprint.

Responsibilities

• Participate in activities associated with UMB's information and data governance programs.
• Supporting the execution of a multi-year roadmap to enhance UMB's data governance capabilities.
• Conduct analysis and advise on information governance topics related legal and regulatory compliance.
• Monitor compliance with data governance policies and standards and assess potential risks associated with data handling.
• Collaborate and drive security initiatives, working with people across multiple teams and diverse functions.
• Enable the business and other stakeholders to make risk-aware decisions by advising business units and technology leaders of the information security risks and proposing acceptable risk treatment options and alternatives.
• Support the information security and data governance program efforts through the collection of performance indicators, metrics, and other evidence and communicating relevant, succinct, and actionable recommendations to leadership.
• Proactively maintain a current and working understanding of information and data governance best practices, the practical application of data security governance concepts, relevant information security and technology regulations and industry trends.
• Maintain a current and working understanding of relevant information governance and regulations and industry trends, including UMB Data Governance, Information Security Policies and the practical application of the Policies.
• Manage multiple simultaneous workstreams supporting disparate stakeholders, providing appropriate and timely communication of issues, concerns, risks, and status.

Requirements

• Bachelor's degree in Management Information Systems (MIS), Computer Science or a related discipline OR equivalent work experience.
• At least 5 years of experience in information security, with a specific focus on information and data governance.
• Strong knowledge of risk and controls, including working knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL.
• Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously.
• Understanding of and practical experience with information security risk assessments and information security audits.

Nice-to-haves

• Information Governance Professional (IGP) and/or Certified Information Professional (CIP) certifications.
• Experience with Informatica data management platform.
• Industry recognized certification relevant to information security, such as CISSP, CRISC, SEC+, CISM or applicable certifications/accreditation.
• Strong understanding of information security regulatory requirements and best practices.
• General understanding of banking and financial services processes, and the related risks to securing and managing data.

Benefits

• Paid Time Off
• 401(k) matching program
• Annual incentive pay
• Paid holidays
• Comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage
• Health savings, flexible spending, and dependent care accounts
• Adoption assistance
• Employee assistance program
• Fitness reimbursement
• Tuition reimbursement
• Associate wellbeing program
• Associate emergency fund
• Various associate banking benefits