Information Security Risk and Compliance Analyst
Listed on 2026-07-13
-
IT/Tech
Information Security, Cybersecurity
Position
Information Security Risk and Compliance Analyst – Denver, CO
Job SummaryProvides day‑to‑day tactical support to the enterprise’s second line Information Security Risk & Compliance function by executing defined control oversight and risk support activities. The analyst performs recurring and ad‑hoc assessments such as user access reviews, vendor due diligence and monitoring, and other control validation tasks to support effective oversight of controls owned by first line business and technology teams. This role focuses on accuracy, consistency, and documentation quality while building foundational risk, control, and regulatory knowledge.
Compensation& Working Arrangement
Salary range: $65,000 – $75,000. Hybrid work options available.
Responsibilities- Perform assigned second line control oversight activities, including user access reviews, vendor due diligence, vendor monitoring, and other recurring risk reviews.
- Collect, review, and validate control evidence and supporting artifacts to assess completeness, accuracy, and alignment with defined requirements.
- Document review results clearly and consistently using standardized templates, tools, and procedures.
- Identify, document, and elevate exceptions, discrepancies, and potential control gaps to senior team members for evaluation.
- Support third‑party risk management activities, including intake, ongoing monitoring, and follow‑up with internal stakeholders.
- Maintain accurate and up‑to‑date information within risk, vendor, and control tracking systems.
- Assist with audit and regulatory readiness by organizing evidence and responding to information requests.
- Execute routine monitoring activities according to established schedules and governance expectations.
- Perform additional risk and compliance support tasks as assigned to support departmental priorities.
- Support the maintenance of governance documentation and continuous improvement of department processes.
- Perform the job in accordance with applicable industry laws and regulations as well as the policies and procedures established by the company.
- Uphold Fair and Responsible Banking practices and Code of Ethics and Conduct guidelines.
- Participate in the Bank’s Community Reinvestment Act program.
- Perform other duties as assigned.
- Bachelor’s degree in business, Risk Management, Information Systems, Security Management (or equivalent combination of education and experience).
- Financial services experience preferred.
- Pursuit of one or more of the following certifications is desirable:
Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Controls (CRISC), Certified Information Security Auditor (CISA). - Working knowledge of NIST Cybersecurity Framework (CSF) and NIST Privacy Frameworks.
- Ability to exercise cross‑functional influence without direct authority.
- Strong written documentation and executive communications skills.
- Analytical mindset with practical, operational execution.
Employees may spend extended periods sitting or standing, using hands to operate computers or other equipment, and reaching for work‑related tasks. Regular walking may be required, accompanied by occasional bending, stooping, kneeling, or climbing. The role may involve lifting or moving items weighing up to 10 pounds. Vision requirements include close and distance vision, color and peripheral vision, depth perception, and the ability to adjust focus.
Benefits- 401(k) Plan with 6% Match
- Health/Dental/Vision Insurance
- Company‑paid Life Insurance
- Tuition Reimbursement
- Fitness Reimbursement
- Paid Time Off
- Volunteer Leave
- Paid Holidays
- Plus many more associate perks & incentives
Sunflower Bank, N.A. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability, sexual orientation, gender identity, or any other characteristic protected by law.
Open until filled; early application encouraged.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).