Information Security GRC Analyst
Company: Sutton Bank
Location: Columbus
Posted on: February 17, 2026
Job Description:

Summary: Responsible for protecting the integrity, confidentiality, and availability of Sutton Bank's information assets. This position requires a proactive professional with experience in assessing, identifying, and mitigating security risks while ensuring compliance with relevant regulatory and organizational standards.

Qualifications:
Education: Bachelor's Degree in Information Technology, Computer Science, Cybersecurity, or related field.
Licenses/Certifications: Valid Driver's License. CISSP, CISA or CRISC or CEH preferred.
Experience: Three to five years of experience in information security, IT or risk management, preferably in a financial institution, or an equivalent combination of education and experience.

Essential Functions:
A: Job Specific:
Independently conducts in-depth assessments of information security risks by analyzing potential vulnerabilities within systems, applications, processes, and 3rd
Ensures compliance with relevant standards such as ISO 27001, FFIEC, or NIST CSF frameworks.
Prioritizes vulnerability remediation efforts based on risk severity.
Coordinates with IT teams to ensure timely patching or mitigation.
Works daily within TPRM platforms and improves functionality.
Develops and maintains security metrics and dashboards to monitor risk trends and control effectiveness.
Maintains and updates risk registers, ensuring accurate tracking of risk and remediation plans.

Knowledge/Skills/Abilities:
Excellent verbal and written communications at both business and deep technical levels.
Excellent interpersonal skills.
The ability to manage multiple tasks.
Technical writing.
Ability to read and comprehend instructions, correspondence, technical manuals and memos.
Ability to respond to common inquiries or complaints from employees, vendors and management staff.
Ability to effectively present information to individuals one-on-one or in a small group setting.
Ability to articulate technical concepts to end-users.
Deep knowledge of information security principles and standards.
Advanced knowledge of TPRM platforms and ability to optimize.
Proactive Mindset: Staying ahead of emerging threats and taking initiative in risk mitigation.
Strong analytical and problem-solving skills.
Attention to Detail: Ability to identify subtle security vulnerabilities and ensure accurate documentation.
Adaptability: Capacity to learn and adapt to rapidly evolving security threats and technologies.
Teamwork: Willingness to collaborate with other team members for effective risk mitigation.
Time Management: Skill in prioritizing tasks and managing workload in a fast-paced environment.
Advanced knowledge of information security principles, standards and frameworks such as NIST, ISO and CIS Controls.
Advanced knowledge of security tools such as firewalls, vulnerability scanning, antivirus software, and intrusion detection systems.

Sutton Bank is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability, pregnancy or protected veteran status.

Job Posted by ApplicantPro
Keywords: Sutton Bank, Canton, Information Security GRC Analyst, IT / Software / Systems, Columbus, Ohio