- Company Name: Capital Bank, N.A.
- Job Title: Information Security - GRC/Privacy Analyst
- Job Description:
**Job Title:** Information Security – GRC/Privacy Analyst
**Role Summary:**
Lead governance, risk, and compliance (GRC) functions focused on information security and privacy. Manage risk assessments, policy development, and regulatory compliance across IT and business units to protect digital assets and ensure adherence to industry and government standards.
**Expectations:**
- Maintain and improve security posture within a regulated financial environment.
- Deliver actionable insights to stakeholders and drive continuous improvement of controls and processes.
- Respond promptly to incidents, investigations, and audit findings.
**Key Responsibilities:**
- Conduct gap analyses and implement frameworks (PCI‑DSS, GLBA, NIST, SOX, CRI, Reg P).
- Develop, update, and enforce policies, standards, and guidelines.
- Perform vendor risk assessments and enforce security requirements.
- Oversee data privacy practices, monitor regulatory changes, and promote ethical behavior.
- Execute regular security assessments, penetration testing, and vulnerability remediation.
- Manage identity and access management procedures.
- Participate in incident response, business continuity planning, and audits.
- Monitor network traffic and logs via XDR; prioritize and remediate threats.
- Collaborate with cross‑functional teams to embed controls into processes and conduct security awareness training.
**Required Skills:**
- Analytical, problem‑solving, and risk‑assessment abilities.
- Knowledge of regulatory frameworks (PCI‑DSS, GLBA, NIST, SOX, Reg P, CRI).
- Experience with GRC tools (ServiceNow, ProcessUnity, AuditBoard, Tandem).
- Proficiency in Microsoft 365 Security & Compliance Centers, Office suite.
- Strong communication, collaboration, and stakeholder‑management skills.
- Ability to work independently and within multidisciplinary teams.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
- Minimum 3 years of experience in information security, privacy, or related regulatory role (preferably in finance).
- Certifications such as CISA, CISSP, CRISC, CompTIA Security+, or equivalent.