Information Security & Technology Risk Analyst

About Ag Trust

AgTrust provides financial services to farmers, ranchers, and agribusinesses. We leverage both internal technology and outsourced IT services from our District Funding Bank to deliver secure, reliable, and efficient operations. As a smaller, agile organization, we value individuals who can work collaboratively across teams to strengthen cybersecurity, technology governance, and operational resilience.

AgTrust is seeking an Information Security & Technology Risk Analyst to help strengthen the organization's cybersecurity and technology risk oversight. This role oversees the governance of IT controls, information security practices, and third-party technology services to ensure AgTrust's systems and data remain secure and resilient.

The position works closely with internal teams and outsourced technology providers to monitor cybersecurity controls, evaluate technology risks, and support regulatory compliance. This role also serves as the Association's Designated Security Officer, coordinating the Information Security Program and helping leadership understand and manage technology-related risks across the organization.

This is a hands-on governance and security oversight role focused on IT controls, cybersecurity risk, and vendor technology oversight rather than day-to-day system administration or engineering.

• Monitor and support IT general controls (ITGCs) for internal systems, automation tools, and AI-enabled processes.
• Evaluate cybersecurity controls and security practices associated with outsourced IT services provided by the District Funding Bank.
• Assist in identifying, assessing, and mitigating technology-related risks impacting systems, data, and operations.
• Support coordination of incident response activities and documentation for technology or cybersecurity events.
• Maintain alignment with recognized frameworks such as those from the National Institute of Standards and Technology (NIST) and ISACA COBIT.

• Serve as the Association's Designated Security Officer, helping oversee the Information Security Program.
• Maintain and support information security policies, procedures, and standards.
• Coordinate security awareness efforts and periodic cybersecurity reporting to leadership.
• Assist with monitoring and responding to cybersecurity threats impacting internal or outsourced systems.

• Maintain and periodically test business continuity and disaster recovery plans for critical systems.
• Coordinate recovery planning and testing with internal stakeholders and the District Funding Bank.

• Assist in evaluating and monitoring risks associated with technology vendors and outsourced IT services.
• Conduct vendor security reviews, documentation, and follow-up on risk mitigation activities.

• Develop and enforce IT and enterprise risk policies, procedures, and governance standards.
• Collaborate with leadership to communicate risk awareness, provide guidance, and conduct training for staff.
• Assist with internal and external audits related to IT controls, cybersecurity, and regulatory expectations.
• Maintain documentation supporting technology risk management and regulatory expectations.

• Provide input to the Enterprise Risk Management Workgroup on technology and cybersecurity risks.
• Review business processes through an IT and data security lens to help identify potential vulnerabilities.

• Provide risk guidance for organizational initiatives, system implementations, process improvements, and digital transformation projects.
• Support evaluation of automation and AI processes for compliance, security, and operational efficiency.

First 90 Days:

• Gain an understanding of AgTrust's technology environment and outsourced IT services.
• Review existing IT controls, security policies, and cybersecurity practices.
• Build working relationships with internal teams and technology contacts at the District Funding Bank.

First 6 Months:

• Identify opportunities to strengthen IT controls and cybersecurity documentation.
• Support updates to the Information Security Program.
• Participate in vendor technology risk reviews and security awareness efforts.

First 12 Months:

• Improve visibility into technology and cybersecurity risks across systems and vendors.
• Support successful completion of IT and cybersecurity audits or regulatory reviews.
• Strengthen coordination with outsourced technology providers on security governance and resilience planning.

In this role, your work will focus on strengthening AgTrust's technology governance and cybersecurity posture while collaborating across teams and with our outsourced technology providers.

A typical week may include:

• Reviewing system access reports and IT control activities to ensure appropriate access management and change…