VP, Information Security Risk Officer (ISRO)
- On-site
- Houston, Texas, United States
- $150,000 - $180,000 per year
- Information Technology
Lead enterprise cybersecurity, IT governance, regulatory compliance, risk management, audits, vendor oversight, and digital transformation initiatives within a financial services environment.
Job description
Job Summary
Seeking a senior Information Security Risk Officer (ISRO) to lead enterprise cybersecurity, IT governance, risk management, regulatory compliance, vendor management, and digital transformation initiatives within a financial services environment.
Location: Houston, TX (Onsite)
Key Responsibilities
Information Security & Technology Leadership
Lead enterprise information security and technology strategy.
Oversee cybersecurity posture, IT governance, and risk management programs.
Align technology initiatives with business objectives.
Lead technology steering committees and strategic planning efforts.
Present technology and risk updates to executive leadership and boards.
Risk Management & Compliance
Serve as the primary contact for IT audits, regulatory examinations, and compliance reviews.
Ensure compliance with FFIEC, GLBA, NIST, ISO 27001, SOC 2, and related regulatory frameworks.
Monitor evolving cybersecurity and banking regulations.
Manage risk assessments, control testing, and remediation efforts.
Lead incident response, disaster recovery, and business continuity initiatives.
Policy & Governance
Develop, maintain, and review IT policies, procedures, standards, and governance frameworks.
Translate regulatory requirements into internal controls and policies.
Maintain risk and control documentation, process maps, and governance records.
Lead periodic policy reviews and updates.
Vendor & Operational Oversight
Oversee technology vendors and managed service providers.
Conduct vendor due diligence, risk assessments, and contract reviews.
Evaluate security risks associated with new business initiatives.
Ensure effective IT operational controls and documentation.
Team Leadership
Mentor and lead technology and security personnel.
Develop organization-wide cybersecurity awareness and training programs.
Foster a culture of accountability, compliance, and continuous improvement.
Job requirements
Mandatory Requirements
10+ years of Information Security, Cybersecurity, IT Risk, Compliance, or IT Leadership experience.
Financial Services, Banking, Wealth Management, Trust Company, or related regulated industry experience.
Experience leading IT Risk Management and Information Security programs.
Strong knowledge of FFIEC regulations and examination requirements.
Experience with GLBA, NIST, ISO 27001, SOC 2, and cybersecurity frameworks.
Experience managing regulatory audits and examinations.
Experience developing IT governance policies and procedures.
Experience with business continuity, disaster recovery, and incident response programs.
Strong vendor risk management experience.
Executive-level communication and leadership experience.
Preferred Qualifications
CISSP Certification
CISM Certification
CCISO Certification
Bachelor's Degree in Information Systems, Cybersecurity, Computer Science, Business Administration, or related field
or
All done!
Your application has been successfully submitted!
You've already applied for this job
We appreciate your interest in this position. Unfortunately, you have already applied for this job.