Info Sec 3rd Party Risk Manager
Company: Umpqua Bank
Posted on: August 14, 2019
JOB PURPOSE Responsible for Third Party Security Risk Management
activities under the direction of the Information Security Officer.
Leads the development, maintenance, and communication of the Third
Party Security Risk framework to support and inform the current
risk posture. Facilitates the gathering of risk and control
information for vendors of the Bank and uses the data to report on
inherent and residual risk levels. ESSENTIAL DUTIES AND
RESPONSIBILITIES Develop and maintain the framework used by the
Bank to evaluate and monitor security risk related to third party
service providers. Responsible for the design and implementation of
control validation and testing (CVT) activities and the integration
of third party and project risk areas into the CVT plan. Coordinate
Third Party security risk activities with the TPO group to ensure
accurate and complete transfer of information and reporting. Assist
the Information Security Officer in evaluating the adequacy of
controls and management of gaps that are identified via Third Party
review activities. Responsible for ensuring that appropriate risk
activities are performed to maintain compliance with regulatory
guidance Prepare Risk Management Reports to reflect vendor related
Information Security risk. Demonstrates compliance with all bank
regulations for assigned job function and applies to designated job
responsibilities -- knowledge may be gained through coursework and
on-the-job training. Keeps up to date on regulation changes.
Follows all Bank policies and procedures, compliance regulations,
and completes all required annual or job-specific training.
Maintains a working knowledge of Bank's written policies and
procedures regarding Bank Secrecy Act, Regulation CC, Regulation E,
Bank Security and other regulations as applicable to this job
description. May be asked to coach, mentor, or train others and
teach coursework as subject matter expert. Actively learns,
demonstrates, and fosters the Umpqua corporate culture in all
actions and words. Takes personal initiative and is a positive
example for others to emulate. Embraces our vision to become The
World's Greatest Bank. May perform other duties as assigned.
SUPERVISORY RESPONSIBILITIES 4 REQUIRED KNOWLEDGE, SKILLS AND
ABILITIES Bachelor's degree in computer science, MIS, or business.
CISSP, CISA, Security+ certification preferred. 5-8 years of
experience in banking and/or Information Security with specific and
in-depth knowledge of current banking laws and regulations.
Advanced knowledge of Information Security principles, risk rating
processes, and control evaluation. Proven ability to apply risk
elements to supporting documentation requirements and control
design. Demonstrated ability to build processes of appropriate size
and complexity to accurately evaluate and rate controls and control
deficiencies. Ability to integrate complicated technical subject
matter into understandable and usable information that can be used
to design validation and testing activities. PHYSICAL AND
ENVIRONMENTAL DEMANDS Office environment -- no specific or unusual
physical or environmental demands. Occasional travel. Umpqua Bank
is committed to employing a diverse workforce. Qualified applicants
will receive consideration without regard to race, color, religion,
sex, national origin, age, sexual orientation, gender identity,
gender expression, protected veteran status, or disability. We
maintain a drug-free workplace and may perform pre-employment
substance abuse testing.
Keywords: Umpqua Bank, Spokane , Info Sec 3rd Party Risk Manager, Executive , Spokane, Washington
Didn't find what you're looking for? Search again!