Umpqua Bank is headquartered in the Pacific Northwest with 5,000+ employees and offers banking services to customers throughout the nation. It’s an especially exciting time to join our team as, following the recent merger with Columbia Bank, we have grown to become a leading western-based regional bank with more than $50B in assets under management and an unwavering commitment to our associates, our customers, and our communities.

We create a great place to work by offering a special brand of relationship banking and by providing a culture where associates thrive. Associates who embody our core values fit in well here and we are eager to meet candidates who demonstrate behaviors that align with Trust, Ownership, Growth, Empathy, Teamwork, Heart, Enjoyment, and Relationships.

About the Role:

As a Vulnerability Management Engineer, you'll be a key member of the Threat Management team. You'll identify vulnerabilities via scanning, validate findings, prioritize within the context of our environment, assign to the correct owner, and follow up on the status. You'll use your creativity to build processes that is as automated as possible.

• Drive the vulnerability management program as a leader and subject matter expert.
• Understanding of core cloud security concepts and cloud security tools
• Prior experience securing cloud assets in an enterprise environment
• Proactive approach to threat and vulnerability management - propose changes to processes and procedures in accordance with the latest security standards and threat landscape
• Lead the development and implementation of multiple vulnerability assessments and enterprise-wide scanning strategies across multiple complex environments.
• Oversee Vulnerability scanning and reporting.
• Establish and drive metrics, analytics, reporting, and a roadmap for continual program improvement.
• Ability to understand, design, and develop vulnerability mitigation strategy, prioritize identified vulnerabilities, and manage risk associated with vulnerabilities.
• Collaboration with threat intelligence and threat hunting teams to stay aware of emerging threats and new vulnerabilities.
• Work with multiple teams and organizations, translating security and vulnerability requirements into terms both leaders and technical implementers can use
• Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities – knowledge may be gained through coursework and on-the-job training. Keeps up to date on regulation changes.
• Follows all Bank policies and procedures, compliance regulations, and completes all required annual or job-specific training.
• Maintain a working knowledge of Bank's written policies and procedures regarding Bank Secrecy Act, Regulation CC, Regulation E, Bank Security and other regulations as applicable to this job description.
• May be asked to coach, mentor, or train others and teach coursework as subject matter expert.
• Actively learns, demonstrates, and fosters the Umpqua corporate culture in all actions and words.
• Takes personal initiative and is a positive example for others to emulate.
• Embraces our vision to become “Business Bank of Choice”
• May perform other duties as assigned.

About You:

• Bachelor’s Degree in Information Security preferred.
• 4-7 years of experience managing tools and programs required.
• Proven ability to communicate technical issues to technical and non-technical audience.
• Experience with building queries for the creation of dashboards and reports.
• Advanced knowledge of Rapid7 or Insight VM on premise and cloud products.
• Experience in Azure Cloud Security Policy Enforcement
• Experience in analyzing & validating vulnerabilities to most effectively prioritize the most critical vulnerabilities to a given environment.
• Knowledge and experience in configuration compliance measurements
• Knowledge of internal audit concepts and regulatory requirements (e.g. SOX, GLBA, etc.).
• Ability to prioritize tasks and work though issues and obstacles with minimal guidance and coaching.
• Ability to work individually and as part of a team.
• Proficient written/verbal communications skills.
• CCNA, CCNP, CISA, CISSP, GCIH preferred.
• Occasional travel.

Workstyle: Fully onsite

Our Benefits:

We offer a competitive total rewards package including base wages and comprehensive benefits. The pay range for this role is $84,770.00 -$172,014.00 .00and the pay rate for the selected candidate is dependent upon a variety of non-discriminatory factors including, but not limited to, job-related knowledge, skills, and experience, education, and geographic location. The role may be eligible for performance-based incentive compensation and those details will be provided during the recruitment process.

We offer eligible associates comprehensive healthcare coverage (medical, dental, and vision plans), a 401(k)-retirement savings plan with employer match for qualifying associate contributions, an employee assistance program, life insurance, disability insurance, tuition assistance, mental health resources, identity theft protection, legal support, auto and home insurance, pet insurance, access to an online discount marketplace, and paid vacation, sick days, volunteer days, and holidays. Benefit eligibility begins the first day of the month following the date of hire for associates who are regularly scheduled to work at least thirty hours weekly.

Our Commitment to Diversity:

Umpqua Bank is an equal opportunity and affirmative action employer committed to employing, engaging, and developing a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, sexual orientation, gender identity, gender expression, protected veteran status, disability, or any other applicable protected status or characteristics. If you require an accommodation to complete the application or interview(s), please let us know by email: [email protected]

To Staffing and Recruiting Agencies:

Our posted job opportunities are only intended for individuals seeking employment at Umpqua Bank. Umpqua Bank does not accept unsolicited resumes or applications from agencies and Umpqua Bank will not be responsible for any fees related to unsolicited resume submissions. Staffing and recruiting agencies are not authorized to submit profiles, applications, or resumes to this site or to any Umpqua Bank employee and any

such submissions will be considered unsolicited unless requested directly by a member of the Talent Acquisition team.