VP, Information Security Risk Officer (ISRO)

VP, Information Security Risk Officer (ISRO) at NPA Worldwide VP, Information Security Risk Officer (ISRO) at NPA Worldwide in Houston, Texas Posted in 1 day ago.

Type:

full-time

Job Description:

Job description: VP, Information Security Risk Officer (ISRO) Trust Company l Financial Services Houston, TX (on-site role)

Compensation:

$165k - 200k plus bonus plus long-term incentive program including employee tracking stock grants Please note: Financial services industry experience is required. Our client is one of the largest private, independent, full-service trust companies in the state of Texas. Since its founding, the company has grown to serve hundreds of relationships worldwide and currently manages over $10 billion in client assets. With a state-of-the-art trust accounting system, the firm is seeking an experienced Information Security Risk Officer (ISRO) to lead its overall technology and information security strategy. This role carries accountability for the organizations technology roadmap, vendor ecosystem, cybersecurity posture, IT compliance, and digital transformation initiatives. Serving as the subject matter expert on regulatory technology requirements, the ISRO is also responsible for technology policies and procedures and acts as the primary contact for IT and Information Security exams and audits. Responsibilities of the

VP, Information Security Risk Officer:

Strategic Leadership and Technology Vision Lead the IT Steering Committee, conducting quarterly meetings and serving as a voting member Maintain oversight of the MSP relationship (Integris) and the information security program Partner with leadership to align technology with business goals, oversee enterprise infrastructure and information security, and drive innovation to enhance client and employee experience Oversee the IT Officer, fostering a culture of accountability, innovation, and continuous learning Present technology strategy and risk updates to the board and leadership as needed Develop and lead staff technology and information security training Lead the cross-functional business continuity team through disasters and other incidents Lead the key vendor review process, including due diligence and contract renewals Proactively assess new company initiatives and provide guidance on inherent security risks Policy Development and Maintenance Author, maintain, and version-control all enterprise IT policies and procedures Review, update, and present information security and business continuity plans Develop a formal policy review calendar and lead all reviews of technology governance documents Create and maintain IT operational procedures, standards, and control documentation Translate regulatory guidance, examination findings, and industry frameworks (NIST, FFIEC, ISO 27001, GLBA, SOC 2) into actionable internal policy requirements Update and document processes using flowcharts, narratives, and risk and control matrices Regulatory Compliance, Risk Management, and Audit Coordination Serve as the primary point of contact for all IT-related regulatory examinations, internal and external audits, and manage responses, tracking all findings to resolution Stay current on cybersecurity standards, including

NIST CSF

updates, FFIEC guidance, and relevant CISA advisories Monitor evolving federal and state banking regulations (GLBA, FFIEC IT Examination Handbook, Texas Department of Banking, etc.) and communicate changes Ensure timely updates to internal policies and procedures in response to regulatory guidance Design and test IT general controls and ensure proper documentation for SOC reports and other attestation requirements Coordinate periodic testing, including user access, clean desk, disaster recovery, and incident response Understand and comply with the Bank Secrecy Act and Know Your Customer procedures Develop and maintain knowledge of fiduciary tax laws and the

Texas Trust Code Qualifications:

Qualifications of the

VP, Information Security Risk Officer:

10+ years of experience in information security risk management, compliance, or IT leadership within financial services or banking Bachelors degree in Management Information Systems, Computer Science, Cybersecurity, Business Administration, or related field preferred Knowledge of FFIEC with CCISO, CISM, or CISSP designations preferred Willingness to learn GWES trust accounting system and other firm technologies Proficiency in Microsoft Office products including Word, Excel, and Outlook Self-starter with strong initiative, sound judgment, and problem-solving skills Team-oriented with a positive attitude and collaborative mindset Discreet and reliable, with the ability to handle highly confidential financial and personal information Why is This a

Great Opportunity:

What Our Amazing Client Offers:

Competitive compensation with a discretionary annual bonus based on performance Long-term incentive program including employee tracking stock grants that vest over five years and provide dividend participation during the vesting period Comprehensive benefits including medical, dental, and vision insurance, with the company covering a significant portion of employee coverage 401(k) plan with company contribution based on total cash compensation after one year of service Generous vacation policy Long-term disability and life insurance coverage with company contributions Free parking at the office location and access to the building fitness center, with optional training sessions during the work week Opportunity to work within an exceptional team and join a highly respected organization known for its long-tenured team, collaborative culture, and commitment to professional development

Keywords:

Information Security Risk Officer, ISRO, Cybersecurity, IT Risk, Financial Services, Trust Company, FFIEC, GLBA, NIST, SOC 2, ISO 27001, IT Governance, Risk Management, Compliance, Audit, Cyber Risk, Vendor Management, Digital Transformation, Business Continuity, CISO, CISSP, CISM, CCISO