At Sunflower Bank, N.A., we’re experiencing great growth. Since our founding in 1892, we've been committed to serving our communities and supporting the team members who make it all possible. As a full-service financial institution, we offer a full range of relationship-focused services to meet personal, business, and wealth-management financial objectives. Creating Possibility is not just our mission, it’s what we do every day for clients and associates. Learn more about Sunflower Bank, N.A. at sunflowerbank.com.

Sunflower Bank, N.A. is looking for an energetic, highly motivated individual to fill the position of a full-time Information Security Risk and Compliance Analyst at our Denver, CO location.

The salary range for this position is $65,000 to $75,000 depending on knowledge, skills, abilities, experience, and location.
 

Hybrid options available.

Description:

Provides day to day tactical support to the enterprise’s second line Information Security Risk & Compliance function by executing defined control oversight and risk support activities. The Information Security Risk and Compliance Analyst performs recurring and ad hoc assessments such as user access reviews, vendor due diligence and monitoring, and other control validation tasks to support effective oversight of controls owned by first line business and technology teams. This role focuses on accuracy, consistency, and documentation quality while building foundational risk, control, and regulatory knowledge.

Responsibilities:

• Perform assigned second line control oversight activities, including user access reviews, vendor due diligence, vendor monitoring, and other recurring risk reviews.
• Collect, review, and validate control evidence and supporting artifacts to assess completeness, accuracy, and alignment with defined requirements.
• Document review results clearly and consistently using standardized templates, tools, and procedures.
• Identify, document, and escalate exceptions, discrepancies, and potential control gaps to senior team members for evaluation.
• Support third party risk management activities, including intake, ongoing monitoring, and follow up with internal stakeholders.
• Maintain accurate and up to date information within risk, vendor, and control tracking systems.
• Assist with audit and regulatory readiness by organizing evidence and responding to information requests.
• Execute routine monitoring activities according to established schedules and governance expectations.
• Perform additional risk and compliance support tasks as assigned to support departmental priorities.
• Support the maintenance of governance documentation and continuous improvement of department processes.
• Perform the job in accordance with applicable industry laws and regulations as well as the policies and procedures established by the company.
• Responsible for upholding Fair and Responsible Banking practices and Code of Ethics and Conduct guidelines.
• Understand and participate in the Bank’s Community Reinvestment Act program.
• Perform other duties as assigned.

Education / Experience

• Bachelor’s degree in business, Risk Management, Information Systems, Security Management (or equivalent combination of education and experience).
• 5-7 years of progressive experience in resilience disciplines
• Financial services experience preferred.
• Pursuit of one or more of the following certifications: Certified Information Security Manager (CISM), Certified Information Security Systems Professional (CISSP), Certified Risk and Information Systems Controls (CRISC), Certified Information Security Auditor (CISA).
• Working knowledge of NIST Cybersecurity (CSF) and NIST Privacy Frameworks.
• Cross-functional influence without direct authority.
• Strong written documentation and executive communications.
• Analytical mindset with practical, operational execution.

Working Conditions:

The physical demands of this position require the ability to perform essential job functions with or without reasonable accommodation. Employees may spend extended periods sitting or standing, using hands to operate computers or other equipment, and reaching for work-related tasks. Regular walking may be required, along with occasional bending, stooping, kneeling, or climbing. The role may involve lifting or moving items weighing up to 10 pounds. Vision requirements include close and distance vision, color and peripheral vision, depth perception, and the ability to adjust focus.

Sunflower Bank Benefits

People choose to “bank” with us, but for those we serve, we’re more than a bank. We strive to be the financial backbone of their lives, and we know that starts with our team.

Our supportive culture empowers team members to grow and seize new opportunities. Like our namesake, the sunflower, we are:

• Rooted in Strength
• Propelled by Growth
• Individuals in a Great Whole
• Creating Possibility
• Community Focused

Associates enjoy outstanding benefits, including:

• 401(k) Plan with 6% Match
• Health/Dental/Vision Insurance
• Company-paid Life Insurance
• Tuition Reimbursement
• Fitness Reimbursement
• Paid Time Off
• Volunteer Leave
• Paid Holidays
• Plus many more associate perks & incentives!

If you qualify, apply online at www.sunflowerbank.com/careers.

You’ve never worked anyplace like Sunflower Bank!

EOE/AA: Minorities/Females/Disabled/Vets

Sunflower Bank, N.A. is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, status as a qualified individual with a disability, sexual orientation, gender identity, or any other characteristic protected by law.

Open until filled; early application encouraged. This vacancy announcement may be used to fill similar positions within 90 days.

If you are a California resident, you may be entitled to certain rights regarding your personal information, which is information that identifies, relates to, or could reasonably be linked with a particular California resident or household. Additional information about our data collection practices and location-specific notices is available on our privacy policy.