We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
First Mid Bank & Trust jobs

Information Security Risk & Controls Analyst

First Mid Bank & Trust
parental leave, paid time off, paid holidays, tuition reimbursement, 401(k)
United States, Illinois, Mattoon
1421 Charleston Avenue (Show on map)
May 27, 2026








Position:
Information Security Risk & Controls Analyst



Location:

Any First Mid Location


Job Id:
4602

# of Openings:
1


At First Mid, base salary is one component of our Total Rewards program. Exact compensation is determined by factors such as (but not limited to) education, skills, internal equity, and experience. This position offers additional compensation in the form of discretionary short-term incentives (i.e. bonus, incentives, and/or commission). Benefits for this role include comprehensive healthcare, well-being benefits, paid family leave as well as generous paid time off. Total Rewards also include banking perks, tuition reimbursement, an Employee Stock Purchase Plan, and a 401K plan with company match. Incentives and benefits are subject to eligibility requirements.


This position requires an ethical, analytical, and detail-oriented individual capable of managing multiple tasks in support of the Information Security Risk Management program. This role will evolve within the Enterprise Risk Management Department and work directly with the Information Security Risk Officer to provide effective oversight and monitoring of IT and Information Security controls. The Information Security Risk and Controls Analyst will execute day-to-day validation tasks, assist with evidence gathering for audits and exams, support vendor and asset risk assessments, and ensure documentation and reporting processes remain current and accurate.


Responsibilities include, but are not limited to:


  • Assist with user access reviews, including privileged account validation.
  • Assist with SOX, GLBA, FFIEC, and OCC audits and exams by gathering and organizing evidence.
  • Support monitoring of IT audit, regulatory, and penetration test findings to ensure timely remediation.
  • Help maintain a software asset database and perform risk assessments on new IT assets, vendors, and system changes.
  • Execute recurring monthly and quarterly second-line validation monitoring of Information Security control activities.
  • Maintain and update information security risk documentation.
  • Assist with evidence gathering and validation of Information Security Risk Assessments, ensuring documentation is complete, accurate, and maintained for audit and regulatory review.
  • Assist with the monitoring of antivirus, patch management, and vulnerability remediation tracking.
  • Support the preparation of Key Risk Indicator (KRI) metrics and risk trend reporting for management and governance committees.
  • Contribute to information security risk-related communications and associate awareness efforts.
  • Provide administrative support during incident response activities, including evidence collection, logging, and reporting.
  • Assist with planning and documentation for the annual cybersecurity tabletop exercise.
  • Participate in Enterprise Risk Management and IT governance discussions as directed by the Information Security Risk Officer.
  • Collaborate with IT and other departments as needed to ensure seamless execution of second-line validation responsibilities.
  • Complete annual training associated with job functions.
  • Perform other duties as assigned.



Qualifications

Education/Experience:


  • Associate's or Bachelor's degree in Information Security, Risk Management, or a related field required.
  • 1+ years of Information Security, IT Audit, or IT Risk Management experience required; banking or financial services experience a plus.
  • Exposure to regulatory frameworks such as GLBA, FFIEC, NIST, or SOX preferred.
  • Field-related certification (e.g., Security+, CISA, or CySA+) a plus, or willingness to obtain in the future.



Skills:


  • Strong analytical and problem-solving skills with close attention to detail.
  • Ability to interpret and report on data trends and risk indicators.
  • Familiarity with banking applications preferred.
  • Strong proficiency in Microsoft Excel, including the ability to organize, analyze, and validate data using formulas, pivot tables, filters, and basic data analysis techniques.
  • Ability to manage multiple tasks and meet deadlines in a fast-paced regulatory environment.



Total Rewards:


  • Competitive health, dental & vision coverage with HSA match
  • 401(k) with employer match + Employee Stock Purchase Plan
  • Generous PTO, paid holidays & parental leave
  • Tuition reimbursement & performance-based bonuses
  • Visit our Total Rewards page to see our full list of benefits



First Mid Bancshares, Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, gender identity, sexual orientation, protected veteran status, or any other applicable federal or state-protected classification.


THIS JOB DESCRIPTION DOES NOT CONSTITUTE A CONTRACT FOR EMPLOYMENT

LP123

Pay Range: $24.52 - $30.65 per hour

Apply for this Position


Applied = 0
MORE JOBS LIKE THIS

(web-77cf7d65c7-wmmd7)