Capital Bancorp Plc-posted 4 months ago
$95,000 - $140,000/Yr
Full-time • Mid Level
Remote • Rockville, MD
Credit Intermediation and Related Activities

The GRC and Privacy Analyst plays a critical role in managing risks related to information technology, information security, privacy, regulatory compliance, and governance. This role ensures that the organization's operations and procedures meet government and industry compliance standards. The analyst will work closely with IT and business units to identify and mitigate security risks, maintain regulatory compliance, and protect digital assets. Conduct gap analysis and implement frameworks and standards such as CRI, PCI-DSS, GLBA, NIST, and SOX. Develop and revise policies, standards, processes, and guidelines for the organization. Conduct vendor risk assessments and ensure compliance with organizational security requirements. Oversee data privacy practices and ensure alignment with regulatory requirements. Support organizational compliance initiatives and the development of governance frameworks. Monitor regulatory changes and promote ethical behavior across the organization. Conduct regular security assessments and penetration testing. Assist in the development and maintenance of identity and access management procedures. Participate in incident response and business continuity planning. Collaborate with cross-functional teams to integrate security controls into business processes. Participate in employee education and awareness programs related to security and privacy. Stay updated on emerging threats, vulnerabilities, and industry best practices. Monitor network traffic and security logs to detect and analyze potential security threats, anomalies, and breaches. Utilize centralized XDR system to identify and respond to unauthorized activities. Collaborate with IT teams to prioritize and remediate vulnerabilities in a timely manner. Participate in technical and non-technical projects requiring security oversight to ensure policies, procedures and standards are met. Assist with investigation and response to security incidents. 
Coordinate with internal teams to mitigate the impact of security incidents and prevent future occurrences. Participate in employee education events to raise awareness of security threats and security best practices. Participate in periodic IT/IS audits, exams and assessments. Perform other security-related duties as assigned.

  • Identify and mitigate security risks
  • Maintain regulatory compliance
  • Conduct gap analysis and implement frameworks and standards
  • Develop and revise policies, standards, processes, and guidelines
  • Conduct vendor risk assessments
  • Oversee data privacy practices
  • Support organizational compliance initiatives
  • Monitor regulatory changes
  • Conduct regular security assessments and penetration testing
  • Assist in the development and maintenance of identity and access management procedures
  • Participate in incident response and business continuity planning
  • Collaborate with cross-functional teams to integrate security controls
  • Participate in employee education and awareness programs
  • Monitor network traffic and security logs
  • Utilize centralized XDR system to identify and respond to unauthorized activities
  • Participate in technical and non-technical projects requiring security oversight
  • Assist with investigation and response to security incidents
  • Coordinate with internal teams to mitigate the impact of security incidents
  • Participate in periodic IT/IS audits, exams and assessments
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience)
  • Minimum of 3 years of experience in information security, privacy, or a related role, preferably in a regulated financial institution
  • Relevant certification such as CISA, CISSP, CRISC, CompTIA Security+
  • Experience with GRC tools such as ServiceNow, Process Unity, AuditBoard, Tandem
  • Knowledge of regulatory frameworks CRI, PCI-DSS, GLBA, NIST, SOX, Reg P
  • Strong analytical and problem-solving skills
  • Knowledge of relevant security and compliance frameworks, standards
  • Ability to assist all levels of the organization with understanding security
  • Ability to work independently and in a team setting
  • Proficiency in the Microsoft Office software suite (Word, Excel, PowerPoint, etc.)
  • Knowledge of information security management standards and frameworks, such as PCI-DSS, ISO and NIST CSF
  • Proficiency in security tools and technologies, network protocols, and operating systems
  • Effective communication skills to collaborate with cross-functional teams
  • Experience in a fast-paced, dynamically changing environment
  • Ability to find innovative solutions while working with existing resources
  • Comprehensive benefits package including Medical, Dental, Vision, Company Paid Life Insurance, Disability Insurance
  • Company Contributions to your 401k - Regardless of your contribution
  • Paid Parental Leave
  • Employee Recognition Program
  • Leadership Program
  • Tuition Reimbursement Program
  • Employee Bank Checking Account
  • Generous Paid Time Off and Paid Holidays
  • Paid Charity Hours to support volunteer opportunities