Sr. Information Security Risk Analyst

About The Position

Requirements

• Bachelor’s degree in Management Information Systems (MIS), Computer Science or a related discipline OR equivalent work experience.
• At least 5 years of experience in information security, security audit, or information security risk management/compliance.
• Working knowledge and practical application of the PCI-DSS compliance framework and how organizations meet those requirements.
• Strong knowledge of risk and controls, including working knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL.
• Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously.
• Understanding of and practical experience with information security risk assessments and information security audits.
• Applicants must have legal authority to work in the United States.
• Work Visa sponsorship not available for this position.

Nice To Haves

• CISSP, CRISC, SEC+, PCI-DSS ISA/PCIP or applicable certifications/accreditation.
• Strong understanding of information security regulatory requirements and best practices.
• General understanding of banking and financial services processes, and the related risks to securing and managing data.

Responsibilities

• Collaborate and drive security initiatives, working with people across multiple teams and diverse functions.
• Enable the business and other stakeholders to make risk-aware decisions by advising business units and technology leaders of the information security risks and proposing acceptable risk treatment options and alternatives.
• Support the information security program efforts through the collection of performance indicators, metrics, and other evidence and communicating relevant, succinct, and actionable recommendations to leadership.
• Support UMB’s PCI-DSS compliance and assessment activities while supporting our internal technology and business teams across the organization.
• Proactively maintain a current and working understanding of information security best practices, the practical application of security concepts, relevant information security and technology regulations, threats, and industry trends.
• Assist in responding to internal/external audits, including third-party security assessments, if applicable.
• Maintain a current and working understanding of relevant information security and technology regulations and industry trends, including UMB Information Security Policies and the practical application of the Policies.
• Manage multiple simultaneous workstreams supporting disparate stakeholders, providing appropriate and timely communication of issues, concerns, risks, and status.

Benefits

• Paid Time Off
• a 401(k) matching program
• annual incentive pay
• paid holidays
• a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage
• health savings, flexible spending, and dependent care accounts
• adoption assistance
• an employee assistance program
• fitness reimbursement
• tuition reimbursement
• an associate wellbeing program
• an associate emergency fund
• various associate banking benefits