×
Register Here to Apply for Jobs or Post Jobs. X

Information Security & Technology Mgr, Sr

Job in Evansville, Vanderburgh County, Indiana, 47725, USA
Listing for: Old National Bank
Full Time position
Listed on 2026-07-01
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 98400 - 199000 USD Yearly USD 98400.00 199000.00 YEAR
Job Description & How to Apply Below

Responsibilities

Salary range: $98,400/yr – $199,000/yr plus bonus.

The Information Security & Technology Risk Manager supports and executes second‑line-of‑defense (2

LOD) governance, oversight, and independent challenge across information security and technology risk at Old National Bancorp. Reporting to the Director of Information Security & Technology Risk, this role is responsible for establishing and maintaining the enterprise information security and technology risk framework, including policies, standards, and monitoring practices, to ensure alignment with Board‑approved risk appetite and regulatory expectations.

This role supports the execution and continuous enhancement of the Information Security and Technology Risk Management Program, helping to safeguard the confidentiality, integrity, and availability of customer, employee, and business information in accordance with ONB policies and applicable regulatory requirements. The Manager serves as a consultative partner to both the first and second lines of defense, providing risk advisory and interpretation of regulatory expectations to business units and leadership.

Additionally, the role provides independent oversight of first‑line technology and information security activities, leveraging strong analytical expertise and sound risk judgment to assess, challenge, and strengthen risk management practices and control effectiveness. Key responsibilities include overseeing governance, risk, and compliance (GRC) activities, leading independent testing and validation, and managing corporate security awareness initiatives.

Governance, Risk & Compliance (GRC) – Information Security and Technology Risk Management Framework Ownership
  • Support the development, enhancement, and ongoing maintenance of the enterprise Information Security & Technology Risk Management (ISTRM) framework, including programs, policies, standards, guidelines, and procedures to ensure alignment with regulatory and industry expectations.
  • Contribute to the maintenance of technology and cyber risk taxonomy, risk appetite alignment, and key risk indicators (KRIs), supporting consistent risk measurement, monitoring, and reporting to management and Board committees.
  • Provide independent challenge and advisory support to first line risk offices and technology leadership on risk identification, control effectiveness, and remediation prioritization, while partnering with stakeholders to ensure timely issue identification and resolution.
  • Oversee adherence to information security and technology risk policies, programs, and standards, including monitoring control effectiveness and supporting continuous improvement of governance, risk analysis, and oversight practices.
  • Support the implementation of information security and technology risk governance, monitoring, and risk management activities, including security awareness initiatives, to promote a strong control environment and risk‑aware culture.
  • Apply risk management practices to safeguard sensitive data and support compliance with applicable legal, regulatory, and industry requirements across information assets and technology systems.
Risk Identification, Assessment, Monitoring & Reporting (2

LOD)
  • Execute and oversee second line monitoring and review activities using a risk‑based approach, including validation of control design and operating effectiveness performed by first line teams.
  • Maintain and support governance of risk registers, issue inventories, and exception tracking within the enterprise GRC platform; ensure appropriate documentation, escalation, and reporting cadence.
  • Develop and deliver clear, concise risk reporting for management and risk committees, including trends, material findings, and aging issues/exceptions.
Independent Testing & Validation (Assurance within 2

LOD)
  • Establish and execute an annual independent testing and validation plan across information security and technology risk domains, informed by risk assessments, regulatory expectations, and audit/exam feedback.
  • Perform independent validation of remediation for material issues and control deficiencies; confirm evidence sufficiency and recommend formal closure or…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary