Roswell Park Comprehensive Cancer Center is seeking a Director of Information Security Governance, Risk and Compliance. This role oversees the GRC functions of the Information Security Department ...
Roswell Park Comprehensive Cancer Center is seeking a Director of Information Security Governance, Risk and Compliance. This role oversees the GRC functions of the Information Security Department ...
The ideal candidate will have extensive experience in technical writing for IT security, cybersecurity frameworks, security governance, risk management, and policy development while ensuring ...
Quick apply
The ideal candidate will have extensive experience in technical writing for IT security, cybersecurity frameworks, security governance, risk management, and policy development while ensuring ...
Director, Information Security Governance, Risk and Compliance Job Type: Regular Company: Roswell Park Comprehensive Cancer Center Department: Information Security Time Type: Full time Weekly Hours ...
Director, Information Security Governance, Risk and Compliance Job Type: Regular Company: Roswell Park Comprehensive Cancer Center Department: Information Security Time Type: Full time Weekly Hours ...
Director, Information Security Governance, Risk and Compliance Job Type: Regular Company: Roswell Park Comprehensive Cancer Center Department: Information Security Time Type: Full time Weekly Hours ...
Director, Information Security Governance, Risk and Compliance Job Type: Regular Company: Roswell Park Comprehensive Cancer Center Department: Information Security Time Type: Full time Weekly Hours ...
The Information Security Officer (ISO) is responsible for. providing enterprise leadership ... This position develops and maintains enterprise-wide security, governance, and risk management ...
The Information Security Officer (ISO) is responsible for. providing enterprise leadership ... This position develops and maintains enterprise-wide security, governance, and risk management ...
The Information Security Officer (ISO) is responsible for. providing enterprise leadership ... This position develops and maintains enterprise-wide security, governance, and risk management ...
The Information Security Officer (ISO) is responsible for. providing enterprise leadership ... This position develops and maintains enterprise-wide security, governance, and risk management ...
Contract. Job Decription: - The contractor will develop, revise, and maintain information security governance documentation. - The work includes creating technically accurate, enforceable ...
Quick apply
Contract. Job Decription: - The contractor will develop, revise, and maintain information security governance documentation. - The work includes creating technically accurate, enforceable ...
We are hiring a Sr. Information Security Governance, Risk, and Compliance (GRC) Analyst at BlueCross BlueShield of Tennessee! In this role, you will help strengthen and mature BCBST's information ...
We are hiring a Sr. Information Security Governance, Risk, and Compliance (GRC) Analyst at BlueCross BlueShield of Tennessee! In this role, you will help strengthen and mature BCBST's information ...
Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...
Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...
We are hiring a Sr. Information Security Governance, Risk, and Compliance (GRC) Analyst at BlueCross BlueShield of Tennessee! In this role, you will help strengthen and mature BCBST's information ...
We are hiring a Sr. Information Security Governance, Risk, and Compliance (GRC) Analyst at BlueCross BlueShield of Tennessee! In this role, you will help strengthen and mature BCBST's information ...
Sr. Analyst, AI Governance
Atlanta, GA · On-site
Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...
Sr. Analyst, AI Governance
Atlanta, GA · On-site
Job Overview The Information Security Artificial Intelligence (AI) Governance Senior Associate is an intermediate-level professional within the Global Information Security (IS) Risk & Resilience team ...
Data Security Governance Analyst (Hybrid Role) - New York, NY 10172
New York, NY · On-site
$70 - $75/hr
The Data Security Governance Analyst supports the enterprise data security and information protection program by defining, maintaining, and operationalizing governance frameworks, policies, and ...
Quick apply
Data Security Governance Analyst (Hybrid Role) - New York, NY 10172
New York, NY · On-site
$70 - $75/hr
The Data Security Governance Analyst supports the enterprise data security and information protection program by defining, maintaining, and operationalizing governance frameworks, policies, and ...
Security Governance & Risk Management * Identity & Access Management (IAM) * Incident Response ... Information Security Governance Documentation * Security Standards & Compliance * Document Version ...
Security Governance & Risk Management * Identity & Access Management (IAM) * Incident Response ... Information Security Governance Documentation * Security Standards & Compliance * Document Version ...
Senior Analyst, Information Security Governance, Risk, & Compliance
Commerce, CA · On-site
$121K - $152K/yr
Job Overview The Senior Analyst, Information Security Governance, Risk, & Compliance will be responsible for the corporate-wide Information Security GRC program. This person will work closely with ...
Senior Analyst, Information Security Governance, Risk, & Compliance
Commerce, CA · On-site
$121K - $152K/yr
Job Overview The Senior Analyst, Information Security Governance, Risk, & Compliance will be responsible for the corporate-wide Information Security GRC program. This person will work closely with ...
Lead IT Security Analyst i IV
Newark, NJ · On-site
$47 - $62.75/hr
Job Summary: This position is a lead security analyst within IT Security Governance and IT Security Operations.IT Security Operations: Responsibilities: Recommend FireWall change requests for ...
Lead IT Security Analyst i IV
Newark, NJ · On-site
$47 - $62.75/hr
Job Summary: This position is a lead security analyst within IT Security Governance and IT Security Operations.IT Security Operations: Responsibilities: Recommend FireWall change requests for ...
Information Security Governance Technical Writer / C ybersecurity Governance Technical Writer - NIST & IRS 1075In this role you will bring your prior experienec with cybersecurity governance writing ...
Information Security Governance Technical Writer / C ybersecurity Governance Technical Writer - NIST & IRS 1075In this role you will bring your prior experienec with cybersecurity governance writing ...
The consultant must have a professional and practical understanding of Information Technology ... Security Governance (ISG) team to meet client demand. The ideal consultant will have a ...
The consultant must have a professional and practical understanding of Information Technology ... Security Governance (ISG) team to meet client demand. The ideal consultant will have a ...
Job Overview The Senior Analyst, Information Security Governance, Risk, & Compliance will be responsible for the corporate-wide Information Security GRC program. This person will work closely with ...
Job Overview The Senior Analyst, Information Security Governance, Risk, & Compliance will be responsible for the corporate-wide Information Security GRC program. This person will work closely with ...
YOUR OPPORTUNITY We have an exciting Information Security Governance, Risk, and Compliance (GRC) Analyst opportunity in our Merriam, KS office. In this highly impactful role, you will be a key member ...
YOUR OPPORTUNITY We have an exciting Information Security Governance, Risk, and Compliance (GRC) Analyst opportunity in our Merriam, KS office. In this highly impactful role, you will be a key member ...
YOUR OPPORTUNITY We have an exciting Information Security Governance, Risk, and Compliance (GRC) Analyst opportunity in our Merriam, KS office. In this highly impactful role, you will be a key member ...
YOUR OPPORTUNITY We have an exciting Information Security Governance, Risk, and Compliance (GRC) Analyst opportunity in our Merriam, KS office. In this highly impactful role, you will be a key member ...
Information Security Governance information
See salary details
$29.5K - $42.3K
23% of jobs
$46.1K is the 25th percentile. Wages below this are outliers.
$42.3K - $55.1K
6% of jobs
$55.1K - $68K
5% of jobs
$68K - $80.8K
6% of jobs
The median wage is $89.2K / yr.
$80.8K - $93.6K
14% of jobs
$93.6K - $106.4K
8% of jobs
$106.4K - $119.2K
12% of jobs
$119.6K is the 75th percentile. Wages above this are outliers.
$119.2K - $132K
8% of jobs
$132K - $144.9K
8% of jobs
$144.9K - $157.7K
5% of jobs
$157.7K - $170.5K
3% of jobs
$29.5K
$94.9K
$170.5K
How much do information security governance jobs pay per year?
What is an Information Security Governance job?
An Information Security Governance job focuses on establishing and maintaining an organization's security strategy, policies, and compliance framework. Professionals in this role ensure that security aligns with business objectives, regulatory requirements, and industry best practices. They define security policies, assess risks, oversee compliance, and provide guidance to stakeholders. This role often involves collaboration with IT, legal, and executive teams to mitigate security threats while supporting business goals.
What are the typical daily responsibilities of someone working in Information Security Governance?
Professionals in Information Security Governance regularly assess and update security policies, perform risk assessments, and ensure compliance with industry standards such as ISO 27001 or NIST frameworks. They often collaborate with IT, legal, and business teams to align security objectives with organizational goals and to address emerging threats. Regular activities may include preparing reports for leadership, facilitating security training sessions, and overseeing audits or incident reviews. This role is both strategic and collaborative, playing a key part in protecting the organization's information assets while supporting overall business operations.
What are the key skills and qualifications needed to thrive in the Information Security Governance position, and why are they important?
To excel in Information Security Governance, a strong background in cybersecurity principles, risk management, compliance frameworks, and policy development is essential, often supported by a degree in information security or related fields. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, as well as certifications such as CISSP, CISM, or ISO 27001 Lead Implementer, is highly valuable. Exceptional analytical thinking, communication, and stakeholder management skills help professionals stand out in this role. These competencies ensure organizations effectively mitigate security risks, maintain regulatory compliance, and foster a culture of security awareness.

Director, Information Security Governance, Risk and Compliance
Buffalo, NY • On-site
Full-time
Re-posted 2 days ago
Roswell Park Comprehensive Cancer Center rating
8.1
Based on 18 frontline employees who took The Breakroom Quiz
Job description
Roswell Park Comprehensive Cancer Center is seeking a Director of Information Security Governance, Risk and Compliance. This role oversees the GRC functions of the Information Security Department, leading a team to ensure risk assessments and security training are performed consistently and aligned with best practices.
Responsibilities:
• Oversees the processes and personnel involved in the Governance, Risk and Compliance (GRC) functions of the Information Security Department.
• Leads a team with a hands-on approach; ensures that risk assessments, security training and awareness, third party risk management, and other risk functions are performed in a consistent and thorough manner aligned with industry best practices and recognized security frameworks.
• Works with internal and external auditors to assess the maturity of the Information Security program.
• Furthers the maturity of the GRC program through the adoption and refinement of tools, standards, and processes in order to assist the overall Information Security Department to communicate and prioritize risk, and develop a risk-informed strategy for addressing current gaps and future threats.
Qualifications:
Required:
• Current Cybersecurity certification, such as, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Global Information Assurance Certification (GIAC), or equivalent information security certification.
• Master's degree in Computer Science, Information Systems or a related field and the equivalent of eight (8) years of full-time experience in information security related hardware, software and processes; or
• Bachelor's degree in Computer Science, Information Systems or a related field and the equivalent of ten (10) years of full-time experience in information security related hardware, software, and processes; or
• Associate's degree in Computer Science, Information Systems or a related field and the equivalent of twelve (12) years of full-time experience in information security related hardware, software, and processes; or
• High School Diploma or High School Equivalency Diploma and the equivalent of fourteen (14) years of full-time experience in information security related hardware, software and processes.
• NOTE: Required degrees must have been granted by an accredited school, college or university or one recognized by Roswell Park Comprehensive Cancer Center as following acceptable educational practices.
Company:
Roswell Park Comprehensive Cancer Center is where world-class cancer care, research, education and innovation come together. Founded in 1898, the company is headquartered in Buffalo, NY, US, , with a team of 1001-5000 employees. The company is currently Late Stage.
What Roswell Park Comprehensive Cancer Center employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Roswell Park Cancer Institute
Sourced by ZipRecruiter
Company size
1,001 - 5,000 Employees
Headquarters location
Buffalo, NY, US
Year founded
1898