Information Security GRC Privacy Analyst

@ Capital Bank, N.A.

About Capital Bank, N.A.

Capital Bank, N.A. is headquartered in Maryland and has been serving communities since 1999. With over $3 billion in assets and a presence in Maryland, DC, and Northern Virginia, the bank offers commercial and consumer banking services along with nation-wide lending brands.

Position Purpose

The Information Security GRC Privacy Analyst plays a critical role in managing risks related to IT, information security, privacy, regulatory compliance, and governance. This role ensures that operations meet government and industry compliance standards while protecting digital assets.

Position Responsibilities

• Conduct gap analysis and implement frameworks/standards including CRI, PCI-DSS, GLBA, NIST, and SOX.
• Develop and revise policies, standards, processes, and guidelines.
• Conduct vendor risk assessments and ensure organizational security compliance.
• Oversee data privacy practices in alignment with regulations.
• Support compliance initiatives and develop governance frameworks.
• Monitor regulatory changes and promote ethical practices.
• Conduct regular security assessments and penetration tests.
• Assist in developing identity and access management procedures.
• Participate in incident response and business continuity planning.
• Collaborate with teams to integrate security controls into business processes.
• Participate in employee security and privacy education programs.
• Monitor network traffic and analyze security logs using centralized XDR.
• Collaborate to remediate vulnerabilities and support audit processes.
• Assist with investigations and responses to security incidents.

Minimum Education And Experience

• Bachelor’s degree in Computer Science, IT, Cybersecurity or related field.
• Minimum 3 years experience in information security, privacy, or similar role in a regulated financial institution.
• Relevant certifications (CISA, CISSP, CRISC, CompTIA Security+).
• Experience with GRC tools like ServiceNow, Process Unity, AuditBoard, Tandem.
• Strong analytical and problem-solving skills with risk assessment capabilities.

Technical Knowledge And Skills

• Proficiency with Microsoft Office and Microsoft 365 Security and Compliance Centers.
• Understanding of security frameworks like PCI-DSS, ISO, and NIST CSF.
• Knowledge of security tools, network protocols, and operating systems.
• Effective communication and collaboration across teams.
• Ability to work in fast-paced, dynamic environments.

Working Arrangements & Compensation

This is a hybrid role: in-office on Monday, Tuesday, Thursday, and Friday with remote work on Wednesday. Remote candidates within traveling distance to headquarters will be considered. The base salary ranges from $95,000 to $140,000 annually with an annual performance-based bonus.

Why Join Us?

Be part of a growing company recognized as one of the "Best Banks to Work For". Enjoy comprehensive benefits, robust employee perks, and opportunities for professional growth.

Key skills/competency

• Information Security
• GRC
• Privacy
• Compliance
• Risk Management
• Regulatory Standards
• Vendor Assessments
• Incident Response
• Penetration Testing
• Security Awareness