As part of UMB’s Corporate Information Security and Privacy (CISP) team , the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. CISP works closely with all lines of business. This role will work especially close with UMB enterprise technology and information security teams to ensure data protection initiatives are present, usable and, understood within the organization.

As the Cybersecurity Incident Response Program Manager, you will play a critical role in safeguarding UMB's security posture and will help lead our information security response to potential cyber threats. You will be responsible for managing the strategic and tactical initiatives that align with our policies, plans, and processes. This is a subset of the overall responsibilities which involves other multiple initiatives as assigned by Corporate Risk leadership. This role is hybrid working Tuesday to Thursday on-site in our downtown Kansas City, MO location and remotely Monday and Friday.

How you’ll spend your time:

• Provide leadership and manage the Information Security Incident Response Program, including Policy and Incident Response Plan maintenance, playbook development and maintenance, facilitate tabletop exercises, and drive continuous Program maturity.

• Partner with Legal, Human Resources, Privacy, Information Technology, Threat Intelligence, Corporate Security, Insider Threat, and Fraud teams to align and manage Information Security Incident strategy and response.

• Coordinate, facilitate, and perform Information Security Incident Response activities throughout the lifecycle of an incident, including incident response planning, response actions, root cause analysis, post-mortem discussions, and plan enhancement activities.

• Responds to information security disclosure incidents to manage and mitigate the risk by working with internal stakeholders, including Legal, Corporate Communications, Line of Business leaders, and third-party partners to protect proprietary and customer information.

• Coordinate Information Security Incident Response calls and provide oversight of cyber incident response activities.

• Prepare and/or coordinate incident documentation in accordance with compliance, privacy, regulatory requirements, and legal guidance.

• Champion the Incident Response Program and lead awareness efforts to ensure incident response participants and stakeholders understand processes, investigations, analysis, and expectations.

• Maintain relationships with third party incident response partners to ensure efficient and effective engagement to support incident response activities include forensics, and advisory teams.

• Monitor evolving and emerging information security threats and assess threat relevance, likelihood, and impact against the Information Security Incident Response processes to determine necessary actions.

• Maintain a current and working understanding of relevant information security and technology regulations and industry trends to ensure continued compliance and alignment.

• Maintain a current and working understanding of UMB Information Security Policies and the practical application of the Policies.

We’re excited to talk with you if:

• You have a Bachelor’s degree in Computer Science, Information Technology or a related field OR equivalent work experience.

• You have at least 6 years of experience in compliance, risk management, or cybersecurity incident response.

• You have working knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL.

• You have demonstrated strong self-management, organizational, and planning skills by consistently and effectively balancing multiple commitments and meeting deadlines.

• You are proficient in understanding of information security and technology risks, controls, and threats.

• You can adapt and thrive in an evolving and potentially high stress environment.

• You have successes in facilitating discussions with management.

• You can think and plan strategically yet comfortable with tactical tasks.

Bonus Points If:

• You have GIAC Incident Handler (GCIH), CISSP, CRISC, or Security+ certifications.

• You have banking or financial industry experience.

Applicants must have legal authority to work in the United States. Work Visa sponsorship not available for this position.

Compensation Range:

Minimum: $83,200.00 - Maximum: $214,560.00

The posted compensation range on this listing represents UMB’s standard for this role, but the actual compensation may vary by geographic location, experience level, and other job-related factors. In addition, this range does not encompass the full earning potential for this role. Please see the description of benefits included with this job posting for additional information

UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary.

Are you ready to be part of something more?

You're more than a means to an end—a way to help us meet the bottom line. UMB isn't comprised of workers, but of people who care about their work, one another, and their community. Expect more than the status quo. At UMB, you can expect more heart. You'll be valued for exactly who you are and encouraged to support causes you care about. Expect more trust. We want you to do the right thing, no matter what. And, expect more opportunities. UMBers are known for having multiple careers here and having their voices heard.

UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law. If you need accommodation for any part of the employment process because of a disability, please send an e-mail to talentacquisition@umb.com to let us know the nature of your request.

If you are a California resident, please visit our Privacy Notice for California Job Candidates (https://p1.aprimocdn.net/umb/cdbf5f22-8f7a-43b9-bd03-b09f014a39c3/Privacy_Notice_for_California_Candidates_Original_file.pdf) to understand how we collect and use your personal information when you apply for employment with UMB.

Who we are

We are more than a company. We are advisors, consultants, problem solvers, friends, community members, experts, and we are here to help you make the best of every moment with a financial foundation that can help you succeed.

Learn more about UMB's vision (https://p1.aprimocdn.net/umb/8cf58ce2-e9d6-4621-b60a-b09f01638943/UMB_Tuce_Book_Original_file.pdf)

Check out the road to a career at UMB