Governance, Risk, and Compliance & Resiliency Analyst

Description/Job Summary

Join a team focused on the success of our customers, the success of our communities, and the success of each other. Farm Credit East (FCE) is the leading provider of loans and farm advisory services to farm, forest product, fishing, and other agricultural business owners across the northeast with $13.5 billion in total loan volume and $29 million in annual financial services revenue from 18,000 customers across our 8-state territory. We are One Team Working Together with a focus on our five pillars: Outstanding Customer and Employee Experience, Quality Growth, Operational Excellence, Commitment to our Communities, and Protecting Customer Information.

The GRC & Resiliency Analyst supports the development, implementation, and continuous improvement of the organization's cybersecurity governance, risk management, compliance, and business continuity programs. This role ensures alignment with regulatory requirements and the NIST Cybersecurity Framework, while enabling cross-functional collaboration and risk-informed decision-making. The analyst will also contribute to incident response readiness, third-party risk coordination, and metrics reporting.

A key aspect of this role is understanding the scope and responsibilities of our managed service provider Farm Credit Financial Partners, Inc. (FPI) and ensuring that internal Governance Risk and Compliance (GRC) and resiliency efforts are aligned and complementary.

The value drivers for this role are as follows:

• Governance Framework Oversight
• Operational Resilience and Business Continuity
• Risk Mitigation and Compliance
• Regulatory Compliance and Audit Readiness
  
  

The employee shall perform all other duties as assigned.

Duties and Responsibilities

Governance, Risk & Compliance

• Maintain and evolve cybersecurity policies, standards, and procedures to ensure alignment with industry standards and regulatory requirements.
• Track and report on compliance with internal and external cybersecurity requirements.
• Conduct cybersecurity risk assessments and control evaluations across technology platforms and business units.

• Continuously improve and maintain the cybersecurity risk register to ensure comprehensive documentation and effective management of risks.

• Support internal and external audits and manage risk exceptions.
• Ensure internal controls and governance activities align with FPI's enterprise services and responsibilities.
• Maintain cybersecurity risk and controls matrix ensuring controls are aligned with NIST Cybersecurity Framework 2.0 and NIST SP 800-53.
• Collaborate with FPI to define and document roles and responsibilities across shared services, ensuring clarity and accountability

Business Continuity & Resiliency

• Perform annual business impact analysis with key stakeholders across the Association to review criticality of business activities and associated resource requirements to ensure operational resilience.
• Develop and maintain business continuity plans for business processes and enabling technologies.
• Facilitate tabletop exercises and scenario planning for cyber incidents and/or outages.
• Collaborate with IT and business units to confirm critical systems and data are recoverable.
• Coordinate with FPI to ensure continuity planning complements shared infrastructure and services.

Metrics, Reporting & Dashboards

• Develop and maintain operational dashboards and reports that track risk posture, compliance status, and resiliency readiness.

• Monitor and report on key performance indicators (KPIs) and key risk indicators (KRIs) across governance, risk, and continuity domains.
• Ensure timely and accurate data collection to support internal audits, regulatory reviews, and strategic reporting.
• Support the Director of Information Security by preparing and validating data used in executive-level and board communications.
• Ensure metrics align with the broader enterprise risk framework and strategic priorities, enabling informed decision-making.

Third-Party Risk Management

• Coordinate with FPI to ensure vendor risk assessments are completed appropriately.
• Maintain visibility into third-party risk posture and ensure alignment with internal governance and compliance requirements.
• Collaborate with compliance and legal to review contract language related to cybersecurity and data protection.
• Escalate or address gaps in vendor risk coverage when identified

Security Awareness & Enablement

• Support the development and delivery of security awareness training program, ensuring coverage of governance, risk, compliance (GRC), business continuity planning (BCP), resiliency, and site coordinator responsibilities as needed.
• Promote a culture of risk-informed decision-making across the organization.

Job Qualifications and Requirements:

• 
  

  Bachelor's degree in Cybersecurity, Risk Management, Business Continuity, or a related field.

  
  
• 
  

  Minimum of 3 years of experience in Governance, Risk and Compliance or a related cybersecurity role. Experience in Business Continuity Planning and Business Impact Analysis.

  
  
• 
  

  Recommended certifications include:

  
  
  
  
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Associate Business Continuity Professional (ABCP)
  
  
  
  
• You are required in office 5 days per week for the first 2 weeks; weeks 3 - 8 in office 4 days per week with the option of Friday remote; after week 9 you will follow the in office requirement based on your job role. This is based on manager discretion and meeting performance expectations.

Compensation and Benefits:

• Salary Range: $80,000 to $115,000 commensurate with experience
• Short-Term Incentive to reward business results
• Retirement Contributions :
  
  
  
  • 401k match up to 6% of salary;or for those unable to take full advantage of the 401(k) match, verified student loan payments may qualify for an employer match in your 401(k) up to 6% of salary
  • Defined Contribution retirement plan funded at 2-9% of salary depending on years of service
  
  
  
  
• Time Off:
  
  
  
  • 15-25 days of vacation leave per year, depending on years of service
  • 12 days of holiday leave per year
  • 7.5 days of sick leave in your first year, followed by 12 days of sick leave per year thereafter; unlimited rollover of unused sick leave year to year
  
  
  
  
• Health and Insurance:
  
  
  
  • Comprehensive medical, dental, and vision plans, including preventive care and wellness programs to support your overall health and well-being
  • Health Savings Account
  • Life insurance at 2x base pay
  • Accidental Death and Dismemberment insurance at 2x base pay
  • Long-term disability insurance at 2/3 base pay
  
  
  
  
• Additional Benefits:
  
  
  
  • Tuition reimbursement
  • Continuing education and training
  • Employee Assistance Program offering a wide variety of tools and resources
  
  
  
  

Farm Credit East is an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, parental status, political affiliation, disability status, protected veteran status, genetic information or any other status protected by federal, state or local law. It is our goal to make employment decisions that further the principle of equal employment opportunity by utilizing objective standards based upon an individual's qualifications for a specific job opening. In compliance with the Americans with Disabilities Act ("ADA"), if you have a disability and would like a reasonable accommodation in order to apply for a position with Farm Credit East, please call 1-800-562-2235 or e-mailFarmCreditCareers@farmcrediteast.com