
Information Security Risk and Compliance Analyst

Job in Topeka, Shawnee County, Kansas, 66652, USA
Listing for: Capfed
Full Time position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
## Information Security Risk and Compliance Analyst

Locations: Topeka, KS
Time type: Full time
Posted on: Posted 2 Days Ago
Job requisition: R-101392

**Job Description:**

**Job Title:** Information Security Risk and Compliance Analyst

**Location:** Topeka, KS

**Employment Type:** Full-Time

**About Capitol Federal**

At **Capitol Federal Savings Bank**, we are committed to helping individuals, families, and communities achieve financial success. With a long-standing tradition of integrity, service, and financial stewardship, we strive to deliver exceptional banking experiences to every customer we serve.

Our team members are the foundation of our success. We believe in fostering a supportive environment where employees can grow professionally, contribute meaningfully, and build rewarding careers.

**Position Summary**

The Information Security (IS) Risk and Compliance Analyst is a member of the Compliance and Risk Management team, working under the Information Security Officer Assistant Risk Manager with strong collaboration with the Information Technology (IT) Security department. This position monitors key system access changes, configurations, and controls to ensure compliance with policy and best practices. The position also oversees the process for employee reporting of suspicious e-mails.

This position manages the Bank’s social engineering and phishing testing program and provides user security training and awareness, including in-person presentations and written communication. This position performs IS risk assessments and supports other reviews of security control effectiveness. This position requires a knowledge of IT and IS best practices to advise on and assist with the Bank’s compliance with security and privacy requirements.

Independent decision making on matters of moderate complexity and appropriate discretion in handling confidential information are also required.

**Key Responsibilities**

The responsibilities listed below represent the primary duties of this position. Additional duties may be assigned as needed.

* Monitor key system access changes, configurations, and other access controls and advise IT personnel and business management on access policies and best practices.
* Oversee process for researching and responding to employee and consumer reported suspicious e-mails, and assist with phishing e-mail escalation and handling.  Maintain the Bank’s phishing email platform.
* Plan, perform, and monitor Bank social engineering and phishing exercises, including coordination with third-party provider and maintenance of internal phishing platform.  Report exercise results to management.
* Manage the Bank’s security awareness training program, including developing training and awareness content, communicating with users in writing and verbally, and performing new employee training presentations.
* Perform IS risk assessments, such as GLBA-required information security assessments and electronic banking risk assessment, and other reviews of security control effectiveness.  As needed, work directly with IT and business management to assess and advise on IS risks and controls.
* Participate in proactive team efforts to achieve departmental and company goals, including involvement in IS projects impacting the department’s processes.
* Perform other duties as assigned.
* Must comply with current applicable laws, regulations and bank policies and procedures. Comply with all safety policies, practices and procedures. Report all unsafe activities to supervisor and/or Human Resources.

**Required Qualifications**

* At least 5 years of related experience, preferably within IT audit, governance, risk, or compliance domains.
* Additional industry certification related to information security or cybersecurity required (preferably: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC)).
* Working knowledge of IS and cybersecurity best practices, risks, and controls is imperative.
* Excellent analytical and organizational skills, with strong observational skills and attention to detail.
* Strong written…