VP, Information Security Risk Officer (ISRO)

Job Summary

Seeking a senior Information Security Risk Officer (ISRO) to lead enterprise cybersecurity, IT governance, risk management, regulatory compliance, vendor management, and digital transformation initiatives within a financial services environment.

Location: Houston, TX (Onsite)

Key Responsibilities

Information Security & Technology Leadership

Lead enterprise information security and technology strategy.

Oversee cybersecurity posture, IT governance, and risk management programs.

Align technology initiatives with business objectives.

Lead technology steering committees and strategic planning efforts.

Present technology and risk updates to executive leadership and boards.

Risk Management & Compliance

Serve as the primary contact for IT audits, regulatory examinations, and compliance reviews.

Ensure compliance with FFIEC, GLBA, NIST, ISO 27001, SOC 2, and related regulatory frameworks.

Monitor evolving cybersecurity and banking regulations.

Manage risk assessments, control testing, and remediation efforts.

Lead incident response, disaster recovery, and business continuity initiatives.

Policy & Governance

Develop, maintain, and review IT policies, procedures, standards, and governance frameworks.

Translate regulatory requirements into internal controls and policies.

Maintain risk and control documentation, process maps, and governance records.

Lead periodic policy reviews and updates.

Vendor & Operational Oversight

Oversee technology vendors and managed service providers.

Conduct vendor due diligence, risk assessments, and contract reviews.

Evaluate security risks associated with new business initiatives.

Ensure effective IT operational controls and documentation.

Team Leadership

Mentor and lead technology and security personnel.

Develop organization-wide cybersecurity awareness and training programs.

Foster a culture of accountability, compliance, and continuous improvement.