Senior IT Risk Analyst

AgFirst Farm Credit Bank provides financing, as well as a range of technology and other services, to a network of agricultural lenders in the United States and Puerto Rico. Located on Main Street in Columbia, S.C., AgFirst is committed to providing a comfortable, inclusive work environment. We believe in investing in our employees so they can help lead our $42 billion company into the future. If you are looking to fuel your professional development and gain exposure in the field of Operational and Technology Risk, we’d love for you to apply today!

The Senior Information Technology Risk Analyst is responsible for assessing and evaluating Information Technology-related risk to the organization and its systems, evaluating the technical resiliency of systems, helping to develop and track plans to address risk and resiliency challenges, inventorying and maintaining disaster recovery information in support of the organization’s Disaster Recovery Plan and Strategy, facilitating technical testing of systems’ resiliency configurations and disaster recovery plans, and providing cross-functional expertise across multiple products and systems involved in the IT environment within the Bank and/or Associations. This position also works with our customer Associations to leverage AgFirst technical platforms in support of resiliency solutions and processes for their technical systems.

This position is meant to be technical in nature, while also making use of an employee’s “soft” skills to maintain relationships with employees across the organization to be successful. So, a varied and deep understanding of the fundamentals of multiple technology “verticals” (infrastructure, networking, client/server, security, application development, etc.) is a must-have. A candidate should have recent, “hands-on” experience with technical implementations: specifically, being responsible for their configuration in alignment with vendor and industry best practices, along with planning, building, and maintaining resilient/disaster-avoidant configurations in hybrid environments.

This position requires technical problem-solving capabilities and ingenuity, while working within approved organizational systems and technologies; along with the demonstration of the values of integrity, quality, and caution. The position is meant to primarily consider what is best for the organization, our Association customers, and their borrowers in the execution of its duties day-to-day. The Operational and Technology Risk department’s focus is to challenge the “status quo” of a long-running environment and to drive continuous improvement of AgFirst’s products and services.

Duties & Responsibilities

Continuously evaluate IT Risks to the organization and systems by coordinating with subject matter experts and other team members of different technology departments across the organization
Interface with product owners and key stakeholders in Project Management, Business, Association, QA, Security, and Technology Operations to ensure high quality Disaster Recovery and Enterprise Resiliency Strategies
Clearly document and define risks and potential impacts, along with statistical probability of a risk event occurring, and help to establish mitigation plans
Recommend actions to be taken to identify, measure, monetize and control risk as needed, documenting adopted controls in a register
Produce high-quality solutions for projects and be able to apply technical knowledge and principles to devise innovative solutions to unique design problems for the organization, focusing on enterprise technology resiliency, fault tolerance, and disaster avoidance/recovery
In partnership with Business Continuity, assist in conducting AgFirst’s Disaster Recovery periodic testing and incorporating our Associations’ participation
Assist in internal/external audits and evaluations (Including PCI, SOC1, SOC2, Information Security, etc.) as directed
Assist in maintaining the Master Disaster Recovery Plan, and documenting Disaster Recovery procedures and policies
Help ensure that Change Risk Management practices are embedded within the IT organization to identify, mitigate, and monitor risk related to key IT-related initiatives and Disaster Avoidance/Recovery
Stay apprised of industry trends and best practices regarding disaster recovery, high availability, enterprise resiliency, fault tolerance, and other associated technology risk mitigation skillsets
Stay apprised of current advances in all areas of information technology relating to vulnerabilities, security breaches, malicious attacks, and security risk assessment
Takes part in any analysis/research/projects related to Information Technology Resiliency, Disaster Recovery, and testing
Requirements

A minimum of 3 years’ experience, with 5 years preferred, in technology systems administration, development, and/or engineering; which includes work history and experience dealing with high availability, disaster recovery, technology risk assessment and mitigation, and systems architecture
4-year degree in Computer Science, Business, or related field. Additional experience will be considered in lieu of educational requirements
Relevant certifications are preferred. Examples of applicable risk-related certifications: CRISC, CBCI, CBCM or DRCS. Examples of other applicable technology certifications: MCSA/MCSE, CISA, CISSP, etc.
Strong analytical, logical, and problem-solving skills. Ability to examine complex issues and apply a broad technical foundation to aid in solutioning
Attention to details and excellence, while maintaining a grasp of the larger picture and organizational goals
Ability and desire to maintain a high degree of technical knowledge, and to continuously grow. Apply existing knowledge to learning new concepts and technologies quickly
Strong collaboration and communication skills, including: the ability to gather and synthesize relevant research and information within teams, actively listen, facilitate open discussions, verbalize ideas effectively, and navigate the inevitable conflict that exists in all environments in a healthy fashion
Proficient with Microsoft-centric hybrid technologies, such as: Windows OS, Active Directory, System Center, MECM/MEM, IIS, .NET/.NET Core, ASP.NET, Windows Clustering, Networking, Azure, Microsoft 365 (M365), Defender, Purview, Exchange Hybrid, SharePoint/SharePoint Online, Teams, security baselining, vulnerability assessment, system monitoring/health check, load-balancing, etc.
Responsibilities may very occasionally require evening and/or weekend work, in order to respond to, support, and conduct Disaster Recovery resolutions and periodic Disaster Recovery and resilience testing