Information Security Risk and Compliance Analyst
Listed on 2026-07-16
-
IT/Tech
Information Security, Cybersecurity
Overview
At Sunflower Bank, N.A., we’re experiencing great growth. Since our founding in 1892, we've been committed to serving our communities and supporting the team members who make it all possible. As a full-service financial institution, we offer a full range of relationship-focused services to meet personal, business, and wealth-management financial objectives. Creating Possibility is not just our mission, it’s what we do every day for clients and associates.
Learn more about Sunflower Bank, N.A. at
Sunflower Bank, N.A. is looking for an energetic, highly motivated individual to fill the position of a full-time Information Security Risk and Compliance Analyst at our Denver, CO location.
Salary range: $65,000 to $75,000 depending on knowledge, skills, abilities, experience, and location.
Hybrid options available.
DescriptionProvides day to day tactical support to the enterprise’s second line Information Security Risk & Compliance function by executing defined control oversight and risk support activities. The Information Security Risk and Compliance Analyst performs recurring and ad hoc assessments such as user access reviews, vendor due diligence and monitoring, and other control validation tasks to support effective oversight of controls owned by first line business and technology teams.
This role focuses on accuracy, consistency, and documentation quality while building foundational risk, control, and regulatory knowledge.
- Perform assigned second line control oversight activities, including user access reviews, vendor due diligence, vendor monitoring, and other recurring risk reviews.
- Collect, review, and validate control evidence and supporting artifacts to assess completeness, accuracy, and alignment with defined requirements.
- Document review results clearly and consistently using standardized templates, tools, and procedures.
- Identify, document, and elevate exceptions, discrepancies, and potential control gaps to senior team members for evaluation.
- Support third party risk management activities, including intake, ongoing monitoring, and follow up with internal stakeholders.
- Maintain accurate and up-to-date information within risk, vendor, and control tracking systems.
- Assist with audit and regulatory readiness by organizing evidence and responding to information requests.
- Execute routine monitoring activities according to established schedules and governance expectations.
- Perform additional risk and compliance support tasks as assigned to support departmental priorities.
- Support the maintenance of governance documentation and continuous improvement of department processes.
- Perform the job in accordance with applicable industry laws and regulations as well as the policies and procedures established by the company.
- Responsible for upholding Fair and Responsible Banking practices and Code of Ethics and Conduct guidelines.
- Understand and participate in the Bank’s Community Reinvestment Act program.
- Perform other duties as assigned.
- Bachelor’s degree in business, Risk Management, Information Systems, Security Management (or equivalent combination of education and experience).
- Financial services experience preferred.
- Pursuit of one or more of the following certifications:
Certified Information Security Manager (CISM), Certified Information Security Systems Professional (CISSP), Certified Risk and Information Systems Controls (CRISC), Certified Information Security Auditor (CISA). - Working knowledge of NIST Cybersecurity (CSF) and NIST Privacy Frameworks.
- Cross-functional influence without direct authority.
- Strong written documentation and executive communications.
- Analytical mindset with practical, operational execution.
The physical demands of this position require the ability to perform essential job functions with or without reasonable accommodation. Employees may spend extended periods sitting or standing, using hands to operate computers or other equipment, and reaching for work-related tasks. Regular walking may be required, along with occasional bending, stooping, kneeling, or climbing. The role may involve lifting or moving items weighing…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).