Information Security & Technology Risk Analyst

About The Position

Requirements

• Bachelor's degree in information systems, cybersecurity, computer science, or a related field.
• 4–7 years of experience in IT risk management, cybersecurity governance, IT audit, or technology compliance.
• Familiarity with IT control and cybersecurity frameworks such as those from the National Institute of Standards and Technology, ISACA, or the International Organization for Standardization.
• Experience with IT general controls (ITGCs) including access management, change management, and system monitoring.
• Ability to communicate technical and cybersecurity risks in clear business terms.
• Strong analytical, communication, and collaboration skills; able to work cross-functionally in a small team.

Nice To Haves

• Professional certifications such as: Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP)
• Experience in financial services or regulated industries.
• Familiarity with third-party technology risk management and outsourced IT environments.
• Experience supporting business continuity and disaster recovery planning.

Responsibilities

• IT Risk & Security Oversight: Monitor and support IT general controls (ITGCs) for internal systems, automation tools, and AI-enabled processes.
• Evaluate cybersecurity controls and security practices associated with outsourced IT services provided by the District Funding Bank.
• Assist in identifying, assessing, and mitigating technology-related risks impacting systems, data, and operations.
• Support coordination of incident response activities and documentation for technology or cybersecurity events.
• Maintain alignment with recognized frameworks such as those from the National Institute of Standards and Technology (NIST) and ISACA COBIT.
• Information Security Program: Serve as the Association's Designated Security Officer, helping oversee the Information Security Program.
• Maintain and support information security policies, procedures, and standards.
• Coordinate security awareness efforts and periodic cybersecurity reporting to leadership.
• Assist with monitoring and responding to cybersecurity threats impacting internal or outsourced systems.
• Technology Resilience: Maintain and periodically test business continuity and disaster recovery plans for critical systems.
• Coordinate recovery planning and testing with internal stakeholders and the District Funding Bank.
• Third-Party Technology Risk: Assist in evaluating and monitoring risks associated with technology vendors and outsourced IT services.
• Conduct vendor security reviews, documentation, and follow-up on risk mitigation activities.
• Technology Governance & Compliance: Develop and enforce IT and enterprise risk policies, procedures, and governance standards.
• Collaborate with leadership to communicate risk awareness, provide guidance, and conduct training for staff.
• Assist with internal and external audits related to IT controls, cybersecurity, and regulatory expectations.
• Maintain documentation supporting technology risk management and regulatory expectations
• Enterprise Risk Collaboration: Provide input to the Enterprise Risk Management Workgroup on technology and cybersecurity risks.
• Review business processes through an IT and data security lens to help identify potential vulnerabilities.
• Strategic Initiatives & Project Support: Provide risk guidance for organizational initiatives, system implementations, process improvements, and digital transformation projects.
• Support evaluation of automation and AI processes for compliance, security, and operational efficiency.

Benefits

• Make a Real Impact: In a smaller, agile organization, your work directly strengthens the security and resilience of AgTrust's technology systems and supports farmers, ranchers, and agribusinesses across the region.
• Hybrid Technology Environment: Gain experience overseeing both internal systems and outsourced IT services from our District Funding Bank, providing exposure to a unique governance and vendor collaboration model.
• Hands-On, Meaningful Work: Take ownership of IT controls, cybersecurity oversight, and technology risk governance without being buried in purely administrative tasks.
• Collaborative Culture: Work closely with leadership, internal teams, and technology partners, contributing to enterprise initiatives while maintaining an IT perspective.
• Professional Growth: Build expertise in cybersecurity frameworks, IT risk management, and regulatory compliance in a supportive environment that values learning and development.