3Rd Party Risk Analyst

As part of UMB's Corporate Information Security and Privacy (CISP) team, the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. CISP works closely with all lines of business.

As the Third-Party Risk Analyst, you will be responsible for supporting UMB's Information Security and Third-Party Risk Management Programs to ensure the company is able to address rapidly changing threats, technologies, and business conditions. This role will work especially close with UMB's sourcing team as well as stakeholders throughout the bank to ensure information security risks are assessed and mitigated in third-party vendor engagements. This is a subset of the overall responsibilities which involves other multiple initiatives as assigned by Corporate Risk leadership.

This role is hybrid (Mon through Thu on-site / Fri remote) working in our downtown Kansas City, MO corporate location.

How you will spend your time:

• Perform information security due diligence activities for new and ongoing third-party engagements, including risk assessments for third-party relationships.
• Assist Contract Managers with the review of third-party contract terms.
• Maintain a well-rounded understanding of information security best practices and practical applications of security concepts.
• Enable the business to make-risk aware decisions by advising business units and technology leaders of the information security risk of initiatives and propose acceptable risk treatment options.
• Support the Information Security Program through the collection and assessment of third-party documentation, performance indicators, metrics, and other evidence.
• Assist in responding to internal/external audits, including third-party security assessments, if applicable.
• Support the continuous maturity of the Information Security and Privacy Program by assessing gaps in regulatory expectations or industry standards.
• Maintain a current and working understanding of relevant information security and technology regulations and industry trends, including UMB Information Security Policies and the practical application of the Policies.

We are excited to talk if you have:

• Bachelor's degree in Management Information Systems (MIS), Accounting Information Systems, Computer Science or a related discipline OR equivalent work experience.
• At least 2 years of experience in Information Security, Vendor Management, Procurement, Bank Operations, Legal, Audit or Risk.
• Critical thinking skills and good judgement in evaluating situations and making decisions.
• Ability to independently execute non-complex tasks with limited guidance and complex tasks with manager oversight and guidance.

Bonus Points if you have:

• Understanding of and practical experience with information security risk assessment and information security audits.
• Experience with contract review.
• General understanding of banking and financial services processes, and the related risks to securing and managing data.
• General understanding of security and privacy law or regulation and frameworks such as NIST, GLBA, HIPAA, CCPA, and GDPR.

Applicants must have legal authority to work in the United States. Work Visa sponsorship not available for this position.

Compensation Range:

$57,760.00 - $124,170.00

The posted compensation range on this listing represents UMB's standard for this role, but the actual compensation may vary by geographic location, experience level, and other job-related factors. In addition, this range does not encompass the full earning potential for this role. Please see the description of benefits included with this job posting for additional information

UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary.

Are you ready to be part of something more?

You're more than a means to an end-a way to help us meet the bottom line. UMB isn't comprised of workers, but of people who care about their work, one another, and their community. Expect more than the status quo. At UMB, you can expect more heart. You'll be valued for exactly who you are and encouraged to support causes you care about. Expect more trust. We want you to do the right thing, no matter what. And, expect more opportunities. UMBers are known for having multiple careers here and having their voices heard.

UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law. If you need accommodation for any part of the employment process because of a disability, please send an e-mail to talentacquisition@umb.com to let us know the nature of your request.

If you are a California resident, please visit our Privacy Notice for California Job Candidates to understand how we collect and use your personal information when you apply for employment with UMB.