Security Governance Jobs (NOW HIRING)

Job Purpose: Support the implementation, monitoring, and continuous improvement of information security governance, risk management, and compliance program. This role contributes directly to ...

Security Governance information

How much do security governance jobs pay per hour?

As of May 29, 2026, the average hourly pay for security governance in the United States is $19.03, according to ZipRecruiter salary data. Most workers in this role earn between $15.38 and $18.75 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in Security Governance, and why are they important?

To excel in Security Governance, a strong understanding of information security principles, risk management, and regulatory compliance is essential, often supported by a degree in cybersecurity or a related field. Familiarity with frameworks like ISO 27001 and NIST, and certifications such as CISSP or CISM, are highly valued, along with experience using governance, risk, and compliance (GRC) tools. Outstanding analytical thinking, attention to detail, and effective communication skills help professionals influence policy and collaborate across teams. These skills are crucial for establishing robust security policies, minimizing organizational risk, and ensuring compliance with industry standards.

What are the main challenges faced by professionals in Security Governance, and how can they be addressed?

Professionals in Security Governance often encounter challenges such as aligning security policies with business objectives, managing compliance with evolving regulations, and fostering a security-conscious culture across diverse teams. Addressing these challenges requires ongoing communication with stakeholders, regular policy reviews, and effective training programs to ensure everyone understands their role in maintaining security. Collaboration with IT, legal, and business units is essential to implement governance frameworks that are both practical and robust, enabling organizations to mitigate risks while supporting operational goals.

What is Security Governance?

Security Governance refers to the framework and processes that ensure an organization's information security strategies are aligned with its business objectives, regulatory requirements, and risk management practices. It involves establishing policies, roles, responsibilities, and oversight mechanisms to protect information assets effectively. Security governance provides direction and accountability, making sure that security initiatives are well-coordinated and that risks are managed at the highest level. This helps organizations maintain trust, comply with laws, and respond effectively to evolving threats.

What is the difference between Security Governance and Security Analyst?

| Aspect | Security Governance | Security Analyst |
| --- | --- | --- |
| Certifications | ISO 27001 Lead Implementer, CISSP, CISM | CompTIA Security+, CISSP, GIAC Security Essentials |
| Work Environment | Strategic, policy-focused, executive-level | Operational, technical, monitoring security threats |
| Employer & Industry Usage | Organizations' security leadership, compliance teams | Security operations centers, IT departments |

Security Governance focuses on establishing policies, frameworks, and strategic oversight to ensure overall security compliance. In contrast, Security Analysts handle day-to-day security monitoring, threat detection, and incident response. Both roles are essential but differ in scope, responsibilities, and focus areas within the cybersecurity landscape.

More about Security Governance jobs
Infographic showing various Security Governance job openings in the United States as of May 2026, with employment types broken down into 1% As Needed, 36% Full Time, 53% Part Time, 1% Temporary, 8% Contract, and 1% Nights. Highlights a 77% Physical, 13% Hybrid, and 10% Remote job distribution, with an average salary of $39,591 per year, or $19 per hour.
Senior Manager, Security Governance

Pattern Energy Group LP

Houston, TX

$106K - $143.20K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 16 days ago


Job description

COMPANY OVERVIEW

Pattern Energy is a leading renewable energy company that develops, constructs, owns, and operates high-quality wind and solar generation, transmission, and energy storage facilities. Our mission is to transition the world to renewable energy through the sustainable development and responsible operation of facilities with respect for the environment, communities, and cultures where we have a presence.
Our approach begins and ends with establishing trust, accountability, and transparency. Our company values of creative spirit, pride of ownership, follow-through, and a team-first attitude drive us to pursue our mission every day. Our culture supports our values by fostering innovative and critical thinking and a deep belief in living up to our promises.
Headquartered in the United States, Pattern has a global portfolio of more than 35 power facilities and transmission assets, serving various customers that provide low-cost clean energy to millions of consumers.


JOB PURPOSE

The Sr. Manager, Enterprise Technology Security & Governance is responsible for leading, governing, and maturing the organization’s enterprise security, cyber risk management, and critical infrastructure compliance capabilities. This role provides end to end ownership of security operations, identity governance, vulnerability and patch management, and NERC CIP compliance governance, ensuring alignment between regulatory obligations, cyber risk posture, and operational continuity across IT, OT, and cloud environments aligned to industry-standard frameworks such as NIST Cybersecurity Framework (CSF) and NIST 800-53/800-82 where applicable.

This is a hands-on senior leadership role requiring a blend of deep technical expertise, regulatory knowledge, and the ability to establish strong governance, policy, and accountability frameworks. The role operates at the intersection of cybersecurity, critical infrastructure operations, and compliance, serving as a key advisor to executive leadership on security risk and NERC CIP readiness. The ideal candidate has experience operating in regulated, mission critical environments—preferably energy, utilities, or renewables—and can balance security rigor with business and operational realities.

Key Accountabilities

  • Security & compliance governance
    • Establish and operate enterprise governance aligned to NIST Cybersecurity Framework (CSF) and NERC CIP, including control mapping, maturity assessment, and consistent execution across IT, OT, and cloud environments
    • Develop and maintain a NIST-aligned security maturity roadmap, using NIST CSF or 800-53 to assess current state, define target state, and prioritize risk-based improvements
    • Oversee and continuously improve incident response and cyber crisis management capabilities, including tabletop exercises and post-incident reviews
    • Partner with security operations to ensure detection and response capabilities align with enterprise risk tolerance
    • Define, maintain, and enforce security, access control, patching, and vulnerability management policies, standards, and procedures
    • Serve as a primary security and compliance authority during NERC CIP audits, assessments, and regulatory engagements
    • Ensure audit readiness through strong documentation, logging, evidence collection, and control validation
    • Develop and execute a multi-year security and compliance roadmap aligned with business priorities, regulatory requirements, and risk posture
    • Track compliance risks, remediation commitments, and control effectiveness, escalating issues as needed
    • Establish and govern third-party cyber risk management, including vendor assessments, access controls, and ongoing monitoring
  • Identity & access governance
    • Own IAM and identity governance programs, including RBAC, least privilege enforcement, separation of duties, and periodic access certifications
    • Ensure access control processes integrate with compliance, audit, and security monitoring requirements
    • Partner with HR, infrastructure, OT, and cloud teams to ensure secure and compliant onboarding, offboarding, and role changes
  • Cross functional leadership
    • Collaborate closely with infrastructure, OT, cloud, security operations, legal, compliance, and internal audit teams to reduce cyber and compliance risk
    • Act as a bridge between technical execution teams and executive leadership
    • Translate technical vulnerabilities and compliance gaps into clear, business focused risk narratives
  • People & capability development
    • Coach, mentor, and develop a high performing team through clear goals, feedback, and career development
    • Identify capability gaps and build sustainable processes rather than single point technical dependencies
    • Evaluate and implement tools and technologies that improve security posture, compliance maturity, and operational efficiency

Experience/Qualifications/Education Required

  • 10+ years of experience across cybersecurity, enterprise IT, infrastructure, or OT environments, with demonstrated management of one or more of the following:
    • Security operations, vulnerability management, and patching
    • Identity and access management (IAM) and privileged access management
    • Governance, Risk, and Compliance (GRC)
  • 5+ years of people leadership experience, including hiring, performance management, and development of technical teams
  • Demonstrated experience supporting and governing NERC CIP compliance, including:
    • Asset and system classification
    • Patch management and vulnerability remediation
    • Access control, identity governance, and evidence management
    • Audit preparation, regulatory inquiries, and remediation tracking
  • Familiarity with and practical application of NIST Cybersecurity Framework (CSF), NIST 800-53, and/or NIST 800-82 in enterprise or critical infrastructure environments
  • Demonstrated experience mapping regulatory requirements (e.g., NERC CIP) to NIST frameworks and using NIST to drive control maturity and risk-based prioritization
  • Strong technical and governance knowledge of:
    • Cybersecurity governance, risk management, and compliance frameworks
    • Patch management tools and enterprise remediation programs
    • Vulnerability assessment, risk scoring, and remediation lifecycle
    • Identity and access management (IAM), RBAC, and least privilege models
    • Logging, monitoring, and control evidence collection
  • Experience working in regulated or critical infrastructure environments
  • Proven ability to translate regulatory and technical risk into business and operational impact
  • Strong communication and stakeholder management skills across technical, operational, and executive audiences

 

The expected starting pay range for this role is $118,000 - $160,000 USD. This range is an estimate and base pay may be above or below the ranges based on several factors including but not limited to location, work experience, certifications, and education. In addition to base pay, Pattern’s compensation program includes a bonus structure for full-time employees of all levels. We also provide a comprehensive benefits package which includes medical, dental, vision, short and long-term disability, life insurance, voluntary benefits, family care benefits, employee assistance program, paid time off and bonding leave, paid holidays, 401(k)/RRSP retirement savings plan with employer contribution, and employee referral bonuses.

Pattern Energy Group is an Equal Opportunity Employer.
