Work in Washington Veterans Jobs

Job Information

Umpqua Bank Information Security Analyst - Remote in NA, Washington

In this role, you will perform risk management assurance activities related to IT and Cybersecurity governance, Sarbanes–Oxley Act (SOX) compliance, security training and awareness campaigns, project engagement, and third-party information security assessment reviews. In addition, you will provide consultation and guidance to the Technology Advancement Group (TAG) as needed.


· Maintain governance documentation detailing how information should be secured including the maintenance and development of internal process/procedure documentation including but not limited to technology and cybersecurity policies and standards.

· Perform and document formal risk analysis and self-assessments of internal technology control processes and third-party service providers, leveraging industry standards like CIS, ITIL, Sarbanes–Oxley Act, FFIEC CAT, COBIT, ISO 27001, Cloud Security Alliance, etc.

· Analyze internal technology and security controls to ensure compliance with documented and approved standards. You will ensure that information systems within environment comply with company policies, standards, and procedures.

· Drive and provide advisory and subject-matter expertise to technology teams and business units for IT and Cybersecurity compliance readiness.

· Track and monitor gaps in the IT and Cybersecurity risk management programs. You will maintain gap analysis documents; gather necessary information from technology and lines of business to identify areas to improve banking practices.

· Lead the process to identify new assets and perform the risk evaluation process to determine the risk ranking.

· Facilitate and liaise with technology leaders, key corporate risk groups (including Internal Audit, Corporate Compliance, Enterprise Risk Management, Legal) to ensure TAG is aligned with these groups and meeting obligations.

· Demonstrate compliance with all bank regulations that apply to your position and keep up to date on regulation changes.

· Maintain working knowledge of our policies and procedures regarding the Bank Secrecy Act, Regulation CC, Regulation E, Bank Security, and other regulations that apply to your position

· May be asked to coach, mentor, or train others and teach coursework as subject matter expert.


· Experience in risk management processes and evaluating controls relative to information security frameworks such as CIS Top 20, COBIT, ISO 27002, Sarbanes–Oxley Act, NIST 800 series, or financial services regulatory frameworks such as the FFIEC IT booklets and Cybersecurity Assessment Tool (CAT).

· Knowledge of systems and network concepts including access, authorization, configuration, and design.

· Demonstrate understanding of information security concepts including encryption, access controls, network security, security operations, security architect, threat modeling and design.

· Knowledge of applicable regulatory requirements including PCI DSS, GLBA, Sarbanes–Oxley Act, and HIPAA.

· Ability to operate in a cross-functional environment, build, and foster relationships with other departments and stakeholders.

· Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment, re

quiring extreme flexibility and responsiveness.

· CISA, CRISC, CISSP, CISM, Security +, or SANS GIAC (GSNA, etc.), preferred.

· 1-7 of experience in a combination of information security, IT audit, or information technology operations, required.

· High Schools Diploma or GED, required.

· Bachelor’s Degree in computer science or equivalent, preferred.

Physical Requirements and Working Conditions

Work involves:

· Sitting

· Occasional walking

· Lifting to 10 pounds

· Office Environment


· Occasional

No relocation is offered.

About Us

We do things a little differently here at Umpqua. Our retail stores serve as community hubs, our associates are given up to 40 hours of volunteer time each year, and we're never satisfied with the status quo. Greatness has no finish line, so we continue every day to keep people at the center of everything we do. We focus on building relationships, understanding our customers' needs, and connecting to people in new and innovative ways -- always staying true to our mission of providing personalized banking for all people, whenever and however they prefer to bank.

Umpqua Bank is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, protected veteran status, or disability. We maintain a drug-free workplace and may perform pre-employment substance abuse testing