Capitol Federal Savings Bank
IT Security Risk Analyst (Finance)
Responsible for managing a variety of risk elements and controls in a technical environment. Evaluates technical and procedural risks and provides recommendations on changes. Serves as primary liaison with Risk Management and Audit departments regarding control development, testing and possible remediation. Provides input to IT audit responses and ensures potential findings are remediated per commitments. Recommends changes to controls and consults within IT and across the enterprise to enhance security posture and reduce technical risks, utilizing appropriate technical security frameworks (e.g., NIST, ISO) and CIS Controls.
Develops, documents and maintains written procedures. Leads vulnerability management program for IT department and tracks remediation process. Reviews vendor technical environments for potential risks, documents findings and identifies practical risk reduction strategies. Performs a variety of risk assessments. Assists with potential remediation of technical vulnerabilities, investigating exposure and tracking progress, both internally and with vendors. Monitors patching program for applications, operating systems and appliances. Prioritizes multiple threat indicators to assess most urgent first. Responds appropriately to incidents and assist with root cause analysis. Makes independent decisions on matters of varying complexity, utilizing knowledge of security best practices, frameworks and good judgment. Gathers input from management on complex situations. Required to exercise appropriate discretion on confidential matters.
This position is on-site 5 days/week
Essential Duties & Responsibilities
Experience
Education/Certifications/Licenses
Bachelor's degree, Information Systems, Computer Science, Information Security or related field required. CISSP, CRISC or other relevant certification required.
Skills
CapFed® is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.