1

Information Security Governance Jobs (NOW HIRING)

Director, Information Security Governance, Risk and Compliance Job Type: Regular Company: Roswell Park Comprehensive Cancer Center Department: Information Security Time Type: Full time Weekly Hours ...

Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...

Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...

next page

Showing results 1-20

Information Security Governance information

See salary details

$29.5K

$94.9K

$170.5K

How much do information security governance jobs pay per year?

As of Jul 18, 2026, the average yearly pay for information security governance in the United States is $94,926.00, according to ZipRecruiter salary data. Most workers in this role earn between $49,500.00 and $127,500.00 per year, depending on experience, location, and employer.

What is an Information Security Governance job?

An Information Security Governance job focuses on establishing and maintaining an organization's security strategy, policies, and compliance framework. Professionals in this role ensure that security aligns with business objectives, regulatory requirements, and industry best practices. They define security policies, assess risks, oversee compliance, and provide guidance to stakeholders. This role often involves collaboration with IT, legal, and executive teams to mitigate security threats while supporting business goals.

What are the typical daily responsibilities of someone working in Information Security Governance?

Professionals in Information Security Governance regularly assess and update security policies, perform risk assessments, and ensure compliance with industry standards such as ISO 27001 or NIST frameworks. They often collaborate with IT, legal, and business teams to align security objectives with organizational goals and to address emerging threats. Regular activities may include preparing reports for leadership, facilitating security training sessions, and overseeing audits or incident reviews. This role is both strategic and collaborative, playing a key part in protecting the organization's information assets while supporting overall business operations.

What are the key skills and qualifications needed to thrive in the Information Security Governance position, and why are they important?

To excel in Information Security Governance, a strong background in cybersecurity principles, risk management, compliance frameworks, and policy development is essential, often supported by a degree in information security or related fields. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, as well as certifications such as CISSP, CISM, or ISO 27001 Lead Implementer, is highly valuable. Exceptional analytical thinking, communication, and stakeholder management skills help professionals stand out in this role. These competencies ensure organizations effectively mitigate security risks, maintain regulatory compliance, and foster a culture of security awareness.

More about Information Security Governance jobs
What cities are hiring for Information Security Governance jobs? Cities with the most Information Security Governance job openings:
What are the most commonly searched types of Information Security Governance jobs? The most popular types of Information Security Governance jobs are:
What states have the most Information Security Governance jobs? States with the most job openings for Information Security Governance jobs include:
What job categories do people searching Information Security Governance jobs look for? The top searched job categories for Information Security Governance jobs are:
Infographic showing various Information Security Governance job openings in the United States as of July 2026, with employment types broken down into 91% Full Time, and 9% Contract. Highlights an 77% In-person, 14% Hybrid, and 9% Remote job distribution, with an average salary of $94,926 per year, or $45.6 per hour.
Director, Information Security Governance, Risk and Compliance

Director, Information Security Governance, Risk and Compliance

Roswell Park Comprehensive Cancer Center

Buffalo, NY • On-site

Full-time

Re-posted 2 days ago


Roswell Park Comprehensive Cancer Center rating

8.1

Company rating: 8.1 out of 10

Based on 18 frontline employees who took The Breakroom Quiz


Job description

Job Summary:
Roswell Park Comprehensive Cancer Center is seeking a Director of Information Security Governance, Risk and Compliance. This role oversees the GRC functions of the Information Security Department, leading a team to ensure risk assessments and security training are performed consistently and aligned with best practices.
Responsibilities:
• Oversees the processes and personnel involved in the Governance, Risk and Compliance (GRC) functions of the Information Security Department.
• Leads a team with a hands-on approach; ensures that risk assessments, security training and awareness, third party risk management, and other risk functions are performed in a consistent and thorough manner aligned with industry best practices and recognized security frameworks.
• Works with internal and external auditors to assess the maturity of the Information Security program.
• Furthers the maturity of the GRC program through the adoption and refinement of tools, standards, and processes in order to assist the overall Information Security Department to communicate and prioritize risk, and develop a risk-informed strategy for addressing current gaps and future threats.
Qualifications:
Required:
• Current Cybersecurity certification, such as, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Global Information Assurance Certification (GIAC), or equivalent information security certification.
• Master's degree in Computer Science, Information Systems or a related field and the equivalent of eight (8) years of full-time experience in information security related hardware, software and processes; or
• Bachelor's degree in Computer Science, Information Systems or a related field and the equivalent of ten (10) years of full-time experience in information security related hardware, software, and processes; or
• Associate's degree in Computer Science, Information Systems or a related field and the equivalent of twelve (12) years of full-time experience in information security related hardware, software, and processes; or
• High School Diploma or High School Equivalency Diploma and the equivalent of fourteen (14) years of full-time experience in information security related hardware, software and processes.
• NOTE: Required degrees must have been granted by an accredited school, college or university or one recognized by Roswell Park Comprehensive Cancer Center as following acceptable educational practices.
Company:
Roswell Park Comprehensive Cancer Center is where world-class cancer care, research, education and innovation come together. Founded in 1898, the company is headquartered in Buffalo, NY, US, , with a team of 1001-5000 employees. The company is currently Late Stage.

What Roswell Park Comprehensive Cancer Center employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom