About AgTrust
AgTrust provides financial services to farmers, ranchers, and agribusinesses. We leverage both internal technology and outsourced IT services from our District Funding Bank to deliver secure, reliable, and efficient operations. As a smaller, agile organization, we value individuals who can work collaboratively across teams to strengthen cybersecurity, technology governance, and operational resilience.
Position Summary
AgTrust is seeking an Information Security and Technology Risk Analyst to help strengthen the organization's cybersecurity and technology risk oversight. This role oversees the governance of IT controls, information security practices, and third-party technology services to ensure AgTrust's systems and data remain secure and resilient.
The position works closely with internal teams and outsourced technology providers to monitor cybersecurity controls, evaluate technology risks, and support regulatory compliance. This role also serves as the Association's Designated Security Officer, coordinating the Information Security Program and helping leadership understand and manage technology-related risks across the organization.
This is a hands-on governance and security oversight role focused on IT controls, cybersecurity risk, and vendor technology oversight rather than day-to-day system administration or engineering.
Key Responsibilities
IT Risk and Security Oversight:
Monitor and support IT general controls (ITGCs) for internal systems, automation tools, and AI-enabled processes.
Evaluate cybersecurity controls and security practices associated with outsourced IT services provided by the District Funding Bank.
Assist in identifying, assessing, and mitigating technology-related risks impacting systems, data, and operations.
Support coordination of incident response activities and documentation for technology or cybersecurity events.
Maintain alignment with recognized frameworks such as those from the National Institute of Standards and Technology (NIST) and ISACA COBIT.
Information Security Program:
Serve as the Association's Designated Security Officer, helping oversee the Information Security Program.
Maintain and support information security policies, procedures, and standards.
Coordinate security awareness efforts and periodic cybersecurity reporting to leadership.
Assist with monitoring and responding to cybersecurity threats impacting internal or outsourced systems.
Technology Resilience:
Maintain and periodically test business continuity and disaster recovery plans for critical systems.
Coordinate recovery planning and testing with internal stakeholders and the District Funding Bank.
Third-Party Technology Risk:
Assist in evaluating and monitoring risks associated with technology vendors and outsourced IT services.
Conduct vendor security reviews, documentation, and follow-up on risk mitigation activities.
Technology Governance and Compliance:
Develop and enforce IT and enterprise risk policies, procedures, and governance standards.
Collaborate with leadership to communicate risk awareness, provide guidance, and conduct training for staff.
Assist with internal and external audits related to IT controls, cybersecurity, and regulatory expectations.
Maintain documentation supporting technology risk management and regulatory expectations
Enterprise Risk Collaboration:
Provide input to the Enterprise Risk Management Workgroup on technology and cybersecurity risks.
Review business processes through an IT and data security lens to help identify potential vulnerabilities.
Strategic Initiatives and Project Support:
Provide risk guidance for organizational initiatives, system implementations, process improvements, and digital transformation projects.
Support evaluation of automation and AI processes for compliance, security, and operational efficiency.
What Success Looks Like in the First 12 Months
First 90 Days:
Gain an understanding of AgTrust's technology environment and outsourced IT services.
Review existi
