Information Security Risk and Compliance Analyst

Sunflower Bank NA•Denver, CO

20h•$65,000 - $75,000•Hybrid

About The Position

Sunflower Bank, N.A. is experiencing great growth and is looking for an energetic, highly motivated individual to fill the position of a full-time Information Security Risk and Compliance Analyst at their Denver, CO location. The salary range for this position is $65,000 to $75,000 depending on knowledge, skills, abilities, experience, and location. Hybrid options are available. This role provides day-to-day tactical support to the enterprise’s second line Information Security Risk & Compliance function by executing defined control oversight and risk support activities. The Information Security Risk and Compliance Analyst performs recurring and ad hoc assessments such as user access reviews, vendor due diligence and monitoring, and other control validation tasks to support effective oversight of controls owned by first line business and technology teams. This role focuses on accuracy, consistency, and documentation quality while building foundational risk, control, and regulatory knowledge.

Requirements

Bachelor’s degree in business, Risk Management, Information Systems, Security Management (or equivalent combination of education and experience).
5-7 years of progressive experience in resilience disciplines
Financial services experience preferred.
Pursuit of one or more of the following certifications: Certified Information Security Manager (CISM), Certified Information Security Systems Professional (CISSP), Certified Risk and Information Systems Controls (CRISC), Certified Information Security Auditor (CISA).
Working knowledge of NIST Cybersecurity (CSF) and NIST Privacy Frameworks.
Cross-functional influence without direct authority.
Strong written documentation and executive communications.
Analytical mindset with practical, operational execution.

Responsibilities

Perform assigned second line control oversight activities, including user access reviews, vendor due diligence, vendor monitoring, and other recurring risk reviews.
Collect, review, and validate control evidence and supporting artifacts to assess completeness, accuracy, and alignment with defined requirements.
Document review results clearly and consistently using standardized templates, tools, and procedures.
Identify, document, and escalate exceptions, discrepancies, and potential control gaps to senior team members for evaluation.
Support third party risk management activities, including intake, ongoing monitoring, and follow up with internal stakeholders.
Maintain accurate and up to date information within risk, vendor, and control tracking systems.
Assist with audit and regulatory readiness by organizing evidence and responding to information requests.
Execute routine monitoring activities according to established schedules and governance expectations.
Perform additional risk and compliance support tasks as assigned to support departmental priorities.
Support the maintenance of governance documentation and continuous improvement of department processes.
Perform the job in accordance with applicable industry laws and regulations as well as the policies and procedures established by the company.
Responsible for upholding Fair and Responsible Banking practices and Code of Ethics and Conduct guidelines.
Understand and participate in the Bank’s Community Reinvestment Act program.
Perform other duties as assigned.