Cybersecurity Engagement Advisor
Description
About Us:
At Umpqua, we create a great place to work by offering a unique brand of relationship banking and fostering a culture where associates thrive. We are dedicated to supporting our customers and communities, and we can only achieve this through the dedication of our employees.
We value Trust, Ownership, Growth, Empathy, Teamwork, Heart, Enjoyment, and Relationships, and we are eager to meet candidates who embody these core values. We are always on the lookout for results-focused individuals who can think independently, work collaboratively, and support our broader purpose.
Think of us as financial partners, because at Umpqua, we believe the best way forward is together. Together for people. Together for business. Together for better.
About the Role:
In this role, you will be responsible for partnering and providing security advisory services to the Product team and other relevant teams to ensure that key online banking products and services are secure and are meeting the business objectives. You will define product security assurance activities relied on including management structure and reporting metrics. You will ensure product security risks and threat vectors are identified, evaluated, and mitigated including establishment of feedback loops to relevant teams (e.g., Product, ERM, Legal, TAG IT GRC) to take appropriate actions.
Establish product security roadmap of deliverables and milestones including incremental onboarding of in scope online banking products and services, etc.
Manage security risks through contract reviews and negotiations (e.g., data breach notification, damage reparation, data ownership, access controls and safeguarding requirements).
Define security monitoring analytics and metrics (e.g., account lockout, response time) to determine control performance, identify patterns and report on any material changes, deviations and/or uptick to leadership and other key stakeholders.
Conduct user experience, product security modernization and enhancement reviews (e.g., secure, and fast logon options, conditional/risk-based authentication, user and administrative level activity monitoring and alerting).
Evaluate product security (posture) against emerging security threats and industry trends.
Track, coordinate and monitor bug fixes and garner support for security feature enhancements including active participation in vendor feature roadmap discussions.
Collaborate and act as a security advisor to the Product teams when new digital technologies and/or business needs are identified.
Educate and provide transparency to key stakeholders through distributing regular communications about online banking product management practices, security control status and maturity improvements.
Collaborate and work with the relevant team(s) to identify solutions to security control gaps (breakdowns), process improvements (control automation) and/or facilitate the risk acceptance process as needed.
Understand the interactions between systems, applications, and services within the environment, and evaluate the impact of security changes or additions.
Ability to review and as needed document reference architectures, network schematics, blueprints, patterns, and other types of security architectural documentation.
Maintain working knowledge of the current security environment and industry trends to identify security control issues, communicate this information to the respective technology engagement team through written correspondence and verbal presentations.
Maintain working knowledge of cloud delivery, security, and service deployment models for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offering.
Ability to learn new technology including associated security risks and controls..
Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes.
Follows all Bank policies and procedures, compliance regulations, and completes all required annual or job-specific training.
Maintain a working knowledge of Bank's written policies and procedures regarding Bank Secrecy Act, Regulation CC, Regulation E, Bank Security and other regulations as applicable to this job description.
May be asked to coach, mentor, or train others and teach coursework as subject matter expert.
Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words.
Takes personal initiative and is a positive example for others to emulate.
Embraces our vision to become Business Bank of Choice
May perform other duties as assigned.
About You:
Bachelors degree in Information Security.
4-7 years of information technology.
2-4 years of information/cyber security experience. Required.
Demonstrated experience with administering enterprise services including client and server systems, security tools and applications, directory services, firewalls, IDS/IPS, security gateways, routers, and switches, required.
Knowledge of operating system fundamentals, networking fundamentals, network protocols, web applications, and critical security controls.
Knowledge of common attacker tactics and techniques.
Knowledge of internal audit concepts and regulatory requirements (e.g. SOX, GLBA, etc.).
Ability to prioritize tasks and work though issues and obstacles with minimal guidance and coaching.
Ability to work individually and as part of a team.
Proficient written/verbal communications skills..
Job Location(s): Ability to work fully onsite at posted location(s).
Redding, CA, Phoenix, AZ, Boise, ID, Lake Oswego, OR, Portland, OR, Liberty Lake, WA or Tacoma, WA
Our Benefits:
We offer a competitive total rewards package including base wages and comprehensive benefits. The pay range for this role is $67,000.00 - $146,000.00 and the pay rate for the selected candidate is dependent upon a variety of non-discriminatory factors including, but not limited to, job-related knowledge, skills, and experience, education, and geographic location. The role may be eligible for performance-based incentive compensation and those details will be provided during the recruitment process.
We offer eligible associates comprehensive healthcare coverage (medical, dental, and vision plans), a 401(k)-retirement savings plan with employer match for qualifying associate contributions, an employee assistance program, life insurance, disability insurance, tuition assistance, mental health resources, identity theft protection, legal support, auto and home insurance, pet insurance, access to an online discount marketplace, and paid vacation, sick days, volunteer days, and holidays. Benefit eligibility begins the first day of the month following the date of hire for associates who are regularly scheduled to work at least thirty hours weekly.
Our Commitment to Diversity:
Umpqua Bank is an equal opportunity and affirmative action employer committed to employing, engaging, and developing a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, sexual orientation, gender identity, gender expression, protected veteran status, disability, or any other applicable protected status or characteristics. If you require an accommodation to complete the application or interview(s), please let us know by email: [email protected].
To Staffing and Recruiting Agencies:
Our posted job opportunities are only intended for individuals seeking employment at Umpqua Bank. Umpqua Bank does not accept unsolicited resumes or applications from agencies and Umpqua Bank will not be responsible for any fees related to unsolicited resume submissions. Staffing and recruiting agencies are not authorized to submit profiles, applications, or resumes to this site or to any Umpqua Bank employee and any such submissions will be considered unsolicited unless requested directly by a member of the Talent Acquisition team.
Apply Now
About Us:
At Umpqua, we create a great place to work by offering a unique brand of relationship banking and fostering a culture where associates thrive. We are dedicated to supporting our customers and communities, and we can only achieve this through the dedication of our employees.
We value Trust, Ownership, Growth, Empathy, Teamwork, Heart, Enjoyment, and Relationships, and we are eager to meet candidates who embody these core values. We are always on the lookout for results-focused individuals who can think independently, work collaboratively, and support our broader purpose.
Think of us as financial partners, because at Umpqua, we believe the best way forward is together. Together for people. Together for business. Together for better.
About the Role:
In this role, you will be responsible for partnering and providing security advisory services to the Product team and other relevant teams to ensure that key online banking products and services are secure and are meeting the business objectives. You will define product security assurance activities relied on including management structure and reporting metrics. You will ensure product security risks and threat vectors are identified, evaluated, and mitigated including establishment of feedback loops to relevant teams (e.g., Product, ERM, Legal, TAG IT GRC) to take appropriate actions.
Establish product security roadmap of deliverables and milestones including incremental onboarding of in scope online banking products and services, etc.
Manage security risks through contract reviews and negotiations (e.g., data breach notification, damage reparation, data ownership, access controls and safeguarding requirements).
Define security monitoring analytics and metrics (e.g., account lockout, response time) to determine control performance, identify patterns and report on any material changes, deviations and/or uptick to leadership and other key stakeholders.
Conduct user experience, product security modernization and enhancement reviews (e.g., secure, and fast logon options, conditional/risk-based authentication, user and administrative level activity monitoring and alerting).
Evaluate product security (posture) against emerging security threats and industry trends.
Track, coordinate and monitor bug fixes and garner support for security feature enhancements including active participation in vendor feature roadmap discussions.
Collaborate and act as a security advisor to the Product teams when new digital technologies and/or business needs are identified.
Educate and provide transparency to key stakeholders through distributing regular communications about online banking product management practices, security control status and maturity improvements.
Collaborate and work with the relevant team(s) to identify solutions to security control gaps (breakdowns), process improvements (control automation) and/or facilitate the risk acceptance process as needed.
Understand the interactions between systems, applications, and services within the environment, and evaluate the impact of security changes or additions.
Ability to review and as needed document reference architectures, network schematics, blueprints, patterns, and other types of security architectural documentation.
Maintain working knowledge of the current security environment and industry trends to identify security control issues, communicate this information to the respective technology engagement team through written correspondence and verbal presentations.
Maintain working knowledge of cloud delivery, security, and service deployment models for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offering.
Ability to learn new technology including associated security risks and controls..
Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes.
Follows all Bank policies and procedures, compliance regulations, and completes all required annual or job-specific training.
Maintain a working knowledge of Bank's written policies and procedures regarding Bank Secrecy Act, Regulation CC, Regulation E, Bank Security and other regulations as applicable to this job description.
May be asked to coach, mentor, or train others and teach coursework as subject matter expert.
Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words.
Takes personal initiative and is a positive example for others to emulate.
Embraces our vision to become Business Bank of Choice
May perform other duties as assigned.
About You:
Bachelors degree in Information Security.
4-7 years of information technology.
2-4 years of information/cyber security experience. Required.
Demonstrated experience with administering enterprise services including client and server systems, security tools and applications, directory services, firewalls, IDS/IPS, security gateways, routers, and switches, required.
Knowledge of operating system fundamentals, networking fundamentals, network protocols, web applications, and critical security controls.
Knowledge of common attacker tactics and techniques.
Knowledge of internal audit concepts and regulatory requirements (e.g. SOX, GLBA, etc.).
Ability to prioritize tasks and work though issues and obstacles with minimal guidance and coaching.
Ability to work individually and as part of a team.
Proficient written/verbal communications skills..
Job Location(s): Ability to work fully onsite at posted location(s).
Redding, CA, Phoenix, AZ, Boise, ID, Lake Oswego, OR, Portland, OR, Liberty Lake, WA or Tacoma, WA
Our Benefits:
We offer a competitive total rewards package including base wages and comprehensive benefits. The pay range for this role is $67,000.00 - $146,000.00 and the pay rate for the selected candidate is dependent upon a variety of non-discriminatory factors including, but not limited to, job-related knowledge, skills, and experience, education, and geographic location. The role may be eligible for performance-based incentive compensation and those details will be provided during the recruitment process.
We offer eligible associates comprehensive healthcare coverage (medical, dental, and vision plans), a 401(k)-retirement savings plan with employer match for qualifying associate contributions, an employee assistance program, life insurance, disability insurance, tuition assistance, mental health resources, identity theft protection, legal support, auto and home insurance, pet insurance, access to an online discount marketplace, and paid vacation, sick days, volunteer days, and holidays. Benefit eligibility begins the first day of the month following the date of hire for associates who are regularly scheduled to work at least thirty hours weekly.
Our Commitment to Diversity:
Umpqua Bank is an equal opportunity and affirmative action employer committed to employing, engaging, and developing a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, sexual orientation, gender identity, gender expression, protected veteran status, disability, or any other applicable protected status or characteristics. If you require an accommodation to complete the application or interview(s), please let us know by email: [email protected].
To Staffing and Recruiting Agencies:
Our posted job opportunities are only intended for individuals seeking employment at Umpqua Bank. Umpqua Bank does not accept unsolicited resumes or applications from agencies and Umpqua Bank will not be responsible for any fees related to unsolicited resume submissions. Staffing and recruiting agencies are not authorized to submit profiles, applications, or resumes to this site or to any Umpqua Bank employee and any such submissions will be considered unsolicited unless requested directly by a member of the Talent Acquisition team.
Apply Now