Information Security & Technology Mgr, Sr
Old National Bank · Lake Elmo, MN · 2 wk ago
Information Technology$98k–$199k/yrFull-time
Responsibilities
- Salary Range: The salary range for this position is $98,400/yr - $199,000/yr plus bonus.
- Supports and executes second line of defense (2LOD) governance, oversight, and independent challenge across information security and technology risk at Old National Bancorp.
- Establishes and maintains the enterprise information security and technology risk framework, including policies, standards, and monitoring practices, to ensure alignment with Board-approved risk appetite and regulatory expectations.
- Contributes to the maintenance of technology and cyber risk taxonomy, risk appetite alignment, and key risk indicators (KRIs), supporting consistent risk measurement, monitoring, and reporting to management and Board committees.
- Provides independent challenge and advisory support to first line risk offices and technology leadership on risk identification, control effectiveness, and remediation prioritization, while partnering with stakeholders to ensure timely issue identification and resolution.
- Oversees adherence to information security and technology risk policies, programs, and standards, including monitoring control effectiveness and supporting continuous improvement of governance, risk analysis, and oversight practices.
- Serves as a consultative partner to both the first and second lines of defense, providing risk advisory and interpretation of regulatory expectations to business units and leadership.
- Provides independent oversight of first-line technology and information security activities, leveraging strong analytical expertise and sound risk judgment to assess, challenge, and strengthen risk management practices and control effectiveness.
- Oversight of governance, risk, and compliance (GRC) activities, leading independent testing and validation, and managing corporate security awareness initiatives.
Requirements
- Bachelor degree in Information Technology, Cybersecurity, Risk Management, Audit, or related field (advanced degree preferred).
- 10+ years relevant experience across information security, technology risk, governance, risk, and compliance (GRC), or related disciplines in a highly regulated industry, with a minimum of 3 years managing teams.
- 3+ years of management experience.
- Demonstrated experience aligning security and technology risk governance to recognized frameworks (e.g., NIST, ISO 27001) and banking regulatory expectations.
- Experience establishing risk monitoring, independent testing/validation, and issue/exception governance processes with strong evidence discipline.
- Strong communication skills; experience presenting risk posture, trends, and recommendations to management committees.
- Proven ability to partner effectively across all levels of the organization and develop positive working relationships.
- Thorough understanding of auditing/examination techniques.
- Knowledge of applicable state and federal banking laws and regulations and of bank services, policies, and procedures.
- Demonstrates conceptual thinking and analytical skills.
- Advanced problem-solving skills with the ability to define problems, analyze variables and propose solutions.
- Strong leadership skills with supervisory experience, strong interpersonal skills and knowledgeable risk management professional.
- Preferred Certifications: CISSP, CISM, CISA, CRISC, or equivalent.
Qualifications
- People Leadership: Coach & Empower Others, Lead Change, Culture Leadership, Execution Leadership, Collaboration, Risk Leadership / Independent Challenge, Communication, Analytical Problem Solving.
- Key Competencies: Coaching and empowering others, leading change, culture and values leadership, execution leadership, collaboration, risk leadership/independent challenge, communication, analytical problem solving.