×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant IT Business Analyst

Senior IT GRC Analyst

Job in Hillsboro, Washington County, Oregon, 97104, USA
Listing for: Columbia Bank
Full Time position
Listed on 2026-06-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

About the Role

Responsible for leading Cybersecurity and IT governance, risk, and compliance efforts, including the establishment and maintenance of an IT operating model and facilitating the development of technology policies and standards.

  • Maintain governance documentation detailing how information should be secured including the maintenance and development of internal process/procedure documentation including but are not limited to technology and cybersecurity policies and standards.
  • Perform formal risk analysis and self‑assessments for technology processes, leveraging industry frameworks/standards like NIST CSF, FFIEC, CIS, ITIL, and COBIT to build a unique program for Columbia Bank.
  • Develop new and analyze existing internal technology and security controls, to ensure compliance with documented and approved standards and frameworks. Ensure that information systems within environment comply with company policies, standards, and procedures.
  • Drive and provide advisory and subject‑matter expertise to technology teams and business units for cybersecurity compliance readiness.
  • Responsible for tracking and monitoring gaps in the cybersecurity program. Maintain cybersecurity gap analysis documents; gather necessary information from technology and lines of business to identify areas to improve banking practices.
  • Manage end‑to‑end issue management activities, including intake, validation, prioritization, assignment, remediation tracking, and closure of GRC‑related issues in Service Now, ensuring timely resolution, appropriate evidence, and alignment with audit, risk, and regulatory expectations.
  • Coordinate SOX IT Audit activities, serving as the primary liaison between audit (internal/external) and technology stakeholders to manage request intake, scope clarification, evidence collection, review, submission, issue tracking, status reporting to leadership and timely resolution in support of audit deadlines and control effectiveness.
  • Lead the process to identify new assets, perform the risk evaluation process to determine the risk ranking.
  • Facilitate and liaise with technology leaders, key corporate risk groups (including Internal Audit, External Audit, Corporate Compliance, Enterprise Risk Management, Legal) to ensure TAG is aligned with these groups and meeting obligations.
  • Demonstrates compliance with all bank regulations for assigned job function and applies to designated job responsibilities – knowledge may be gained through coursework and on‑the‑job training. Keeps up to date on regulation changes.
  • Follows all Bank policies and procedures, compliance regulations, and completes all required annual or job‑specific training.
  • Maintain a working knowledge of Bank’s written policies and procedures regarding Bank Secrecy Act, Regulation CC, Regulation E, Bank Security and other regulations as applicable to this job description.
  • May be asked to coach, mentor, or train others and teach coursework as subject matter expert.
  • Actively learns, demonstrates, and fosters the Columbia corporate culture in all actions and words.
  • Takes personal initiative and is a positive example for others to emulate.
  • Embraces our vision to become “Business Bank of Choice”.
  • May perform other duties as assigned.
About You
  • Bachelor's Degree in computer science or equivalent (preferred)
  • 7-10 years — of experience in or a combination of information security, IT audit, or information technology operations. (Required)
  • Service Now IRM/GRC experience to design/optimize workflow, reporting and implementing new features
  • Knowledge of risk management processes including internal audit and information security management. Experience evaluating controls relative to information security frameworks such as ISO 27002, NIST 800 series, or financial services regulatory frameworks such as the FFIEC IT booklets and Cybersecurity Assessment Tool (CAT).
  • Knowledge of systems and network concepts including: access, authorization, configuration, and design.
  • Demonstrated understanding of information security concepts including: encryption, access controls, network security, security operations, security architect, threat modeling and design.
  • Knowledge of applicable regulatory…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search