
Information Security Governance Jobs (NOW HIRING)


Information Security Governance information

Salary chart values: $29.5K, $94.9K, $170.5K

How much do information security governance jobs pay per year?

As of Jun 11, 2026, the average yearly pay for information security governance in the United States is $94,926.00, according to ZipRecruiter salary data. Most workers in this role earn between $49,500.00 and $127,500.00 per year, depending on experience, location, and employer.

What is an Information Security Governance job?

An Information Security Governance job focuses on establishing and maintaining an organization's security strategy, policies, and compliance framework. Professionals in this role ensure that security aligns with business objectives, regulatory requirements, and industry best practices. They define security policies, assess risks, oversee compliance, and provide guidance to stakeholders. This role often involves collaboration with IT, legal, and executive teams to mitigate security threats while supporting business goals.

What are the typical daily responsibilities of someone working in Information Security Governance?

Professionals in Information Security Governance regularly assess and update security policies, perform risk assessments, and ensure compliance with industry standards such as ISO 27001 or NIST frameworks. They often collaborate with IT, legal, and business teams to align security objectives with organizational goals and to address emerging threats. Regular activities may include preparing reports for leadership, facilitating security training sessions, and overseeing audits or incident reviews. This role is both strategic and collaborative, playing a key part in protecting the organization's information assets while supporting overall business operations.

What are the key skills and qualifications needed to thrive in the Information Security Governance position, and why are they important?

To excel in Information Security Governance, a strong background in cybersecurity principles, risk management, compliance frameworks, and policy development is essential, often supported by a degree in information security or related fields. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, as well as certifications such as CISSP, CISM, or ISO 27001 Lead Implementer, is highly valuable. Exceptional analytical thinking, communication, and stakeholder management skills help professionals stand out in this role. These competencies ensure organizations effectively mitigate security risks, maintain regulatory compliance, and foster a culture of security awareness.


Information Security Governance Analyst

SSC HR Solutions

Other

Posted 25 days ago


Job description

Job Purpose:

Support the implementation, monitoring, and continuous improvement of the information security governance, risk management, and compliance program. This role contributes directly to maintaining ISO 27001:2022 certification, supporting surveillance and external audits, driving KPI/KRI reporting, and enabling the maturity and scalability of GRC processes.

Job Responsibilities:

Support the development, implementation, and enhancement of the Information Security Management System (ISMS) in line with ISO 27001:2022.

Assist in maintaining GRC policies, procedures, and standards aligned with regulatory and business requirements

Gather and report on security-related KPIs and KRIs to monitor control effectiveness and program health

Participate in risk assessments, maintain the risk register, and support mitigation tracking

Contribute to internal and external audit readiness, including ISO surveillance visits

Collaborate with internal stakeholders to promote security awareness and compliance culture

Support the implementation and use of GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust)

Engage with ongoing projects to support secure development practices, compliance checks, and risk registers

Prepare documentation and participate in quarterly ISMS and GRC reporting cycles

Operates under the direction of the GRC Manager with a focus on execution and coordination, not strategic program ownership

Job Skills and Abilities:

- Basic understanding of ISO 27001 and risk frameworks

- Awareness of data protection laws

- Familiarity with risk management processes

- Clear communication and cross-functional collaboration

- Analytical and documentation skills

- Process-focused, detail-oriented mindset

- Ability to coordinate across departments on compliance topics

- Ability to manage multiple assignments under supervision

- Ability to collect and maintain reliable compliance data

Requirements

Qualifications:

- Bachelor's degree in computer science engineering

- 2-6 years of experience in information security, risk management, or GRC roles

- Exposure to ISO 27001

- Experience with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust) is a plus

- Certifications preferred: ISO/IEC 27001 Foundation or Implementer, CompTIA Security+, CISA, CRISC