Jobs · Analyst · Kansas

Information Security Risk and Compliance Analyst

Capitol Federal® Savings Bank · Topeka, KS · 3 wk ago
On-siteAnalystFull-time

About the role

The Information Security (IS) Risk and Compliance Analyst at Capitol Federal Savings Bank works under the Information Security Officer Assistant Risk Manager, collaborating closely with the Information Technology (IT) Security department. This position involves monitoring system access, managing phishing exercises, and conducting IS risk assessments.

Responsibilities

  • Maintain access policies and advise IT personnel and business management on best practices regarding key system access changes, configurations, and other access controls.
  • Oversee the process for researching and responding to employee and consumer reported suspicious emails, and assist with phishing email escalation and handling.
  • Maintain the Bank's phishing email platform and plan, perform, and monitor social engineering and phishing exercises, including coordination with third-party providers and maintenance of internal phishing platforms.
  • Report exercise results to management and manage the Bank's security awareness training program, including developing training content, communicating with users, and performing new employee training presentations.
  • Perform IS risk assessments, such as GLBA-required information security assessments and electronic banking risk assessments, and support other reviews of security control effectiveness.
  • Work directly with IT and business management to assess and advise on IS risks and controls.
  • Participate in proactive team efforts to achieve departmental and company goals, including involvement in IS projects impacting the department's processes.
  • Perform other duties as assigned.

Required Qualifications

  • At least 5 years of related experience, preferably within IT audit, governance, risk, or compliance domains.
  • Additional industry certification related to information security or cybersecurity required (preferably: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC)).
  • Working knowledge of IS and cybersecurity best practices, risks, and controls is imperative.
  • Excellent analytical and organizational skills, with strong observational skills and attention to detail.
  • Strong written and verbal communication skills, with ability to work with wide variety of audiences (e.g., senior management, entry level employees, etc.).
  • Experience with Microsoft Office and similar applications for compilation and presentation of daily tasks. Intermediate Microsoft Excel experience required, including use of semi-complex functions. Microsoft VBA knowledge preferred.
  • A significant level of trust and diplomacy is required to be an effective subject matter expert in the position.

Core Competencies

  • Customer Service
  • Communication Skills
  • Integrity and Professionalism
  • Problem Solving
  • Attention to Detail
  • Team Collaboration
  • Unconditional Ethics

Similar jobs

Information Security Risk Analyst

Midcontinent Independent System Operator (MISO)Greater Indianapolis· 1 wk ago
Information Technology$105k–$130k/yrapply on careers.misoenergy.org