U.S. Bank

Information Security Risk Oversight Professional

Information Security Risk Oversight Professional ensuring cybersecurity compliance and effective risk management. Collaborating with leadership and providing independent oversight within U.S.

Posted 6/2/2026 • full-time • Cincinnati • Minnesota, Ohio, Texas • 🇺🇸 United States • Senior • Lead • 💰 $111,605 - $131,300 per year • Website

Tech Stack

Tools & technologies
  • Cloud
  • Cyber Security

About the role

Key responsibilities & impact
  • Provide independent oversight and credible challenge of the Information Security program across multiple security pillars, including governance, risk assessments, controls, metrics, and issue management
  • Perform risk‑based assessments of first line security practices, identifying gaps, weaknesses, thematic concerns, emerging risks, and control deficiencies
  • Develop and articulate independent risk opinions supported by sound analysis, evidence, and professional judgment
  • Evaluate alignment of first line activities with applicable laws, regulations, regulatory guidance, industry standards (e.g., NIST 800-53, FFIEC, PCI, NIST CSF 2.0, etc.), and internal policies
  • Monitor key risk indicators, security metrics, assessment results, and issue trends to identify systemic risks or areas requiring escalation
  • Escalate material risks, control weaknesses, or ineffective risk management practices through appropriate governance and reporting channels
  • Act as a subject matter expert on information security risk, providing insights and guidance to stakeholders while maintaining 2LoD independence
  • Build and maintain strong, professional relationships with first line stakeholders while confidently challenging assumptions, conclusions, and risk positions when necessary
  • Contribute to executive‑level risk reporting by clearly summarizing risk posture, trends, and areas of concern in a concise and defensible manner
  • Stay current on evolving cybersecurity threats, regulatory expectations, and industry best practices to continuously strengthen oversight effectiveness

Requirements

What you’ll need
  • Bachelor's degree, or equivalent work experience
  • Typically more than eight years of applicable experience
  • Strong foundational understanding of information security domains (e.g., vulnerability management, identity and access management, application security, cloud security, security governance, incident management)
  • Demonstrated ability to perform risk assessments and oversight activities with depth, critical thinking, and professional skepticism
  • Experience operating in or with a Second Line of Defense, audit, or regulatory environment is strongly preferred
  • Proven ability to work independently and autonomously, managing priorities and delivering high-quality work with limited direction
  • Strong written and verbal communication skills, including the ability to translate technical risk into clear, executive-ready insights
  • Ability to engage confidently with senior stakeholders while maintaining independence, objectivity, and professionalism
  • Relevant certifications (e.g., CISSP, CISA, CRISC, CISM) are preferred but not required

Benefits

Comp & perks
  • Healthcare (medical, dental, vision)
  • Basic term and optional term life insurance
  • Short-term and long-term disability
  • Pregnancy disability and parental leave
  • 401(k) and employer-funded retirement plan
  • Paid vacation (from two to five weeks depending on salary grade and tenure)
  • Up to 11 paid holiday opportunities
  • Adoption assistance
  • Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

ATS Keywords

Applicant Tracking System Keywords

Hard Skills & Tools
risk assessments, information security, vulnerability management, identity and access management, application security, cloud security, security governance, incident management, risk management, cybersecurity threats
Soft Skills
critical thinking, professional skepticism, independence, objectivity, communication skills, relationship building, executive reporting, analytical skills, problem-solving, stakeholder engagement
Certifications
CISSP, CISA, CRISC, CISM