
Information Security - GRC/Privacy Analyst

Capital Bank MD
life insurance, parental leave, paid time off, paid holidays, tuition reimbursement, 401(k)
United States, Maryland, Rockville
Aug 26, 2025
Description

About Us

Capital Bank N.A. is headquartered in Maryland and has been serving our communities since 1999. We are a publicly traded company (NASDAQ: CBNK) with over $3 billion in assets. We offer commercial and consumer banking services to clients in Maryland, DC, and Northern Virginia, alongside two nationwide lending brands: Capital Bank Home Loans and OpenSky, a credit card division that offers and services credit cards across all states. Our personalized approach to banking, paired with cutting-edge technology solutions and a comprehensive suite of products and services, fuels our growth and enables us to support our customers at every stage in their financial journey.

Come join a bank where our employees thrive and are engaged in meaningful work. For 5 of the last 6 years, Capital Bank was named one of the "Best Banks to Work For" in the U.S. by American Banker.


Position Purpose

The GRC and Privacy Analyst plays a critical role in managing risks related to information technology, information security, privacy, regulatory compliance, and governance. This role ensures that the organization's operations and procedures meet government and industry compliance standards. The analyst will work closely with IT and business units to identify and mitigate security risks, maintain regulatory compliance, and protect digital assets.


Position Responsibilities

  • Conduct gap analysis and implement frameworks and standards such as CRI, PCI-DSS, GLBA, NIST, and SOX.
  • Develop and revise policies, standards, processes, and guidelines for the organization.
  • Conduct vendor risk assessments and ensure compliance with organizational security requirements.
  • Oversee data privacy practices and ensure alignment with regulatory requirements.
  • Support organizational compliance initiatives and the development of governance frameworks.
  • Monitor regulatory changes and promote ethical behavior across the organization.
  • Conduct regular security assessments and penetration testing.
  • Assist in the development and maintenance of identity and access management procedures.
  • Participate in incident response and business continuity planning.
  • Collaborate with cross-functional teams to integrate security controls into business processes.
  • Participate in employee education and awareness programs related to security and privacy.
  • Stay updated on emerging threats, vulnerabilities, and industry best practices.
  • Monitor network traffic and security logs to detect and analyze potential security threats, anomalies, and breaches. Utilize a centralized XDR system to identify and respond to unauthorized activities.
  • Collaborate with IT teams to prioritize and remediate vulnerabilities in a timely manner.
  • Participate in technical and non-technical projects requiring security oversight to ensure policies, procedures and standards are met.
  • Assist with investigation and response to security incidents. Coordinate with internal teams to mitigate the impact of security incidents and prevent future occurrences.
  • Participate in education events for employees to raise awareness of security threats and security best practices.
  • Participate in periodic IT/IS audits, exams and assessments, as
  • Perform other security-related duties as


Minimum Education and Experience

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
  • Minimum of 3 years of experience in information security, privacy, or a related role, preferably in a regulated financial institution.
  • Relevant certification such as CISA, CISSP, CRISC, CompTIA Security+, or
  • Experience with GRC tools such as ServiceNow, Process Unity, AuditBoard, Tandem.
  • Knowledge of regulatory frameworks CRI, PCI-DSS, GLBA, NIST, SOX, Reg P.
  • Strong analytical and problem-solving skills with an ability to assess risks.
  • Knowledge of relevant security and compliance frameworks, standards, and
  • Ability to assist all levels of the organization with understanding security as it relates to their functional area.
  • Ability to work independently and in a team setting, and across external and internal stakeholder groups.


Technical Knowledge and Skills

  • Microsoft Office software suite (Word, Excel, PowerPoint, etc)
  • Microsoft 365 Security and Compliance Centers
  • Knowledge of information security management standards and frameworks, such as PCI-DSS, ISO and NIST CSF
  • Proficiency in security tools and technologies, network protocols, and operating
  • Strong analytical and problem-solving skills with an ability to think critically and assess
  • Effective communication skills to collaborate with cross-functional teams and convey security-related information.
  • Capable of working in a fast paced, dynamically changing and team-oriented
  • Ability to find innovative solutions while working with existing


Working Arrangements



  • This is a hybrid role; you are expected to work in the office Monday, Tuesday, Thursday, and Friday. You will be able to work remotely on Wednesday.
  • Open to remote candidates, dependent upon prior experience - candidates within traveling distance to our headquarters preferred



Compensation



  • Base Salary Range: $95,000 - $140,000 annually. Final determination of where you fall in the salary range is based on numerous factors such as relevant experience, skill set, education, and ability to meet qualifications within the job description.
  • Additional Compensation: This role will include an annual target bonus based on individual performance.


Why Join Us?



  • Join a growing company with a culture that fosters an entrepreneurial spirit
  • Comprehensive benefits package including Medical, Dental, Vision, Company Paid Life Insurance, Disability Insurance, and more!
  • Company Contributions to your 401k - Regardless of your contribution
  • Employee Perks: Paid Parental Leave, Employee Recognition Program, Leadership Program, Tuition Reimbursement Program, Employee Bank Checking Account, and much more!
  • Generous Paid Time Off and Paid Holidays - Including Paid Charity Hours to support volunteer opportunities


Other: Ability to travel within a defined market area.

Supporting Businesses. Helping People. Strengthening Communities.
Capital Bank, N.A. is an Affirmative Action, E-Verify, and Equal Opportunity Employer.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.