Information Security Risk and Governance Specialist, ...

Your Role The Technology and Data Trust Assurance Services team drives BSC information security adherence to regulatory standards, as well as policies, standards, and controls development, with the goal of safeguarding company assets and maintaining and securing the confidentiality, integrity, and availability of Blue Shield of California information assets. The Information Risk Governance Specialist, Principal will report to the Director, Technical Risk and External Assurance. In this role you will provide subject matter expertise, thought leadership, guidance, and best practice support across security, artificial intelligence (AI), and governance risk management functions. You will drive processes for data and technical security governance frameworks like COBIT, ensuring clear accountability for key stakeholders and stewards of Blue Shield of California technology and data assets. You will develop relationships across Blue Shield of California and Stellarus, supporting executive leadership committee activities, developing and maturing governance committee processes and outcomes. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor’s degree or equivalent experience Requires at least 10 years of relevant experience, including a solid understanding of AI technology and models and associated security risks Requires knowledge and experience with Information Security governance frameworks, such as NIST, HITRUST, and COBIT. Proven experience as an information security governance, compliance and/or risk manager and knowledge of various information security governance and control frameworks. Experience with the U.S. Department of Health and Human Services Health Insurance Portability and Accountability Act Security Rule and Privacy Rule is preferred. CISSP, CRISC, CISM, CISA or similar certification is strongly preferred Significant experience leading large, complex, enterprise-wide products and system implementations that have strategic importance to the organization Ability to understand internal and external drivers for changes to data governance policies Problem-solving and critical-thinking skills to recognize and comprehend complex issues, policies, regulatory requirements, and industry information affecting the business environment Experience managing enterprise data governance and data sharing functions strongly preferred #J-18808-Ljbffr

Created: 2025-09-28