Job Description

At Umpqua, we create a great place to work by offering a unique brand of relationship banking and fostering a culture where associates thrive. We are dedicated to supporting our customers and communities, and we can only achieve this through the dedication of our employees. We value Trust, Ownership, Growth, Empathy, Teamwork, Heart, Enjoyment, and Relationships, and we are eager to meet candidates who embody these core values. We are always on the lookout for results-focused individuals who can think independently, work collaboratively, and support our broader purpose. Think of us as financial partners, because at Umpqua, we believe the best way forward is together. Together for people. Together for business. Together for better. About the Role : Provides oversight, governance, and effective challenge over the information security program and technology environment. Develops and maintains an enterprise-wide risk management program that will record, measure, and manage risk across the Bank and ensure that strategic priorities align with risk. Ensure the effective operation of key controls through monitoring and validation activities, to ensure the Bank is performing within risk tolerances and in line with regulatory and legal requirements (GLBA, FFIEC). Responsible for the Privacy program and second line governance of the data management program at the Bank. Govern, oversee, and provide effective challenge over the Bank's Information Security program and related processes and technology. Oversee the design and implementation of the enterprise wide Information Security and technology risk assessment, including the identification and classification information assets, recording and tracking the threats or vulnerabilities that could negatively affect those assets, assessing the inherent risk associated with threats and vulnerabilities, identifying key controls that mitigate the inherent risk, concluding on the residual level of risk and whether it is acceptable, and obtaining and maintaining a risk acceptance with an appropriate level of approval. Monitor and validate the effectiveness of controls across the bank's environment to ensure information and technology risk is being managed within the Bank's risk appetite statement. Develop and maintain Policies and Standards that establish requirements for technology, controls, and associate behavior within the Bank's processes and technology environment. Direct the development and ongoing maintenance of analytics and metrics for executive management and the Board of Directors as well as risk based information to support risk informed decision making within operational areas of the Bank. Direct the development, implementation, maintenance of an enterprise wide Privacy Program that includes : Managing and successfully implementing privacy compliance projects including California Consumer Privacy Act; Developing a privacy policy and privacy standards to ensure adherence to applicable privacy laws and regulations; Building or providing guidance and consultation on appropriate governance, oversight and monitoring of privacy compliance throughout the enterprise; and creating effective privacy compliance training for associates. Provide sound and effective privacy compliance advice relative to strategic initiatives, regulatory changes, policy and procedure reviews, process changes, new or changing products or services, and other initiatives, serving as a privacy expert on committees and working groups to articulate privacy requirements in large, enterprise-wide initiatives Lead a team of information security, risk, and privacy professionals to maintain and mature the governance and oversight program at the Bank. Oversees Third-Party Information Security Assessment (TISA) activities to ensure risk-based evaluations occur of vendors and third-party service providers' security and privacy programs. Oversees the administration of the Bank's corporate insurance program. Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities - knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes. Follows all Bank policies and procedures, compliance regulations, and completes all required annual or job-specific training. Maintain a working knowledge of Bank's written policies and procedures regarding Bank Secrecy Act, Regulation CC, Regulation E, Bank Security and other regulations as applicable to this job description. May be asked to coach, mentor, or train others and teach coursework as subject matter expert. Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words. Takes personal initiative and is a positive example for others to emulate. Embraces our vision to become "Business Bank of Choice" May perform other duties as assigned. About You : Bachelor's Degree in Computer Science, Management Information Systems, Information Assurance, or other related field of study. Required Master's Degree in Computer Science, Management Information Systems, Information Assurance, or other related field of study. Preferred 15+ years of security or risk leadership experience in a large, complex, highly regulated organization. Preferred 7-10 years of experience managing a diverse team of security, risk, and privacy professionals. Preferred Demonstrated ability to define, develop, and maintain a control validation program to evaluate the effectiveness of asset and entity layer controls. Knowledge of third-party risk and experience defining and evaluating key risk elements and supporting risk review requirements. Proficient in evaluating the impacts of technology and process design decisions and providing strategic guidance that informs key stakeholders of risk and provides recommendations that align with the risk tolerances and risk appetite of the Bank. Proven ability to develop and mature reporting capabilities for executives and the Board of Directors as well as providing risk-based information to inform operational decisions. Advanced knowledge of Information Security, Risk, and Privacy domains and the ability to provide guidance and oversight at the program and technical levels and evaluate current state to the overall organizations risk appetite. Excellent written and verbal communication skills, interpersonal and collaboration skills, and the ability to communicate security and risk related concepts across a wide audience Strong business acumen and knowledge of the best practices within Information Security, Privacy, and Risk subject areas. CISSP, CISA. Required GSEC, GSNA, CIA. Preferred Job Location(s) : Ability to work fully onsite at posted location(s). Tacoma, WA, Spokane, WA, or Lake Oswego, OR Our Benefits : We offer a competitive total rewards package including base wages and comprehensive benefits. The pay range for this role is $151,000.00 - $220,000.0, and the pay rate for the selected candidate is dependent upon a variety of non-discriminatory factors including, but not limited to, job-related knowledge, skills, and experience, education, and geographic location. The role may be eligible for performance-based incentive compensation and those details will be provided during the recruitment process. We offer eligible associates comprehensive healthcare coverage (medical, dental, and vision plans), a 401(k)-retirement savings plan with employer match for qualifying associate contributions, an employee assistance program, life insurance, disability insurance, tuition assistance, mental health resources, identity theft protection, legal support, auto and home insurance, pet insurance, access to an online discount marketplace, and paid vacation, sick days, volunteer days, and holidays. Benefit eligibility begins the first day of the month following the date of hire for associates who are regularly scheduled to work at least thirty hours weekly. Our Commitment to Diversity : Umpqua Bank is an equal opportunity and affirmative action employer committed to employing, engaging, and developing a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, sexual orientation, gender identity, gender expression, protected veteran status, disability, or any other applicable protected status or characteristics. If you require an accommodation to complete the application or interview(s), please let us know by email : [email protected]. To Staffing and Recruiting Agencies : Our posted job opportunities are only intended for individuals seeking employment at Umpqua Bank. Umpqua Bank does not accept unsolicited resumes or applications from agencies and Umpqua Bank will not be responsible for any fees related to unsolicited resume submissions. Staffing and recruiting agencies are not authorized to submit profiles, applications, or resumes to this site or to any Umpqua Bank employee and any such submissions will be considered unsolicited unless requested directly by a member of the Talent Acquisition team. Create a job alert for this search #J-18808-Ljbffr Umpqua Holdings Corporation

Job Tags

Similar Jobs