Information Security Risk and Governance Specialist, Senior

About The Position

Requirements

• Requires a bachelor’s degree or equivalent experience and 5+ years of prior relevant experience
• 2+ years of experience with technology service management, IT project management
• 2+ years of experience with information security awareness and training or IT user training
• Ability to provide excellent customer service and to conduct user awareness training
• Knowledge of various information technology governance and control frameworks and industry standards such as COBIT and NIST
• Problem-solving and critical-thinking skills to recognize and comprehend complex issues, policies, regulatory requirements, and industry information affecting the business environment
• Ability to communicate and articulate complex analysis in a clear, precise, and actionable manner
• Proven collaborator with strong interpersonal skills, works collaboratively within the team and outside the team
• Proficient in developing presentations and in written and verbal communication
• Proficiency in Microsoft Office products
• Experience managing workflows and queues in ticketing systems

Nice To Haves

• Knowledge of Artificial Intelligence (AI) governance and monitoring practices is preferred
• GCIH and CISSP certification preferred

Responsibilities

• Maintain, grow, and modify as needed a Blue Shield of California technology external assurance, risk management and AI governance knowledge bases, with a focus on improving technology risk management and security awareness organizational behavior, policies and standards, governance metrics, processes, and related workflows and tools.
• Provide excellent customer service to all of Technology Risk and External Assurance’s internal and external business stakeholders (including the Stellarus and Promise AI Governance functions) and collaborate with our Stellarus partners to meet customer needs and technology and security assurance requirements.
• Create and maintain security and technology risk management knowledge bases, web pages, playbook(s), processes, and procedures for guiding various technology risk and assurance processes, including security shared services tracking and ticketing queue metrics, security and risk management project support.
• Responsible for managing, triaging, and executing operational work queues for information security and AI governance within our ticketing system, security tools, and email intakes in partnership with Stellarus asset and service owners and business owners and requesters to ensure quality and timeliness.
• Engage with stakeholders across the organization to identify service quality needs, draft requirements, assist in the development of service enhancements, tracking, monitoring, and reporting of the overall health of our services provided to the Ascendiun family of companies.
• Perform impact analysis and root cause analysis of regulatory issues, security incidents, business requests, corrective action plans, and system changes on Technology Risk and External Assurance programs.
• Assist with research and preparation of materials for regular core team meeting and governance forums (e.g., board and committee meetings, AI governance forums, audits and assessment, team meetings, project meetings, stakeholder communications, etc.).
• Facilitate collaboration and coordination of security controls and frameworks, AI use cases, and technology requests, intakes, workstreams, high priority engagements, security incidents and escalated issues.
• Promote and participate in security, compliance and AI acceptable use awareness and training initiatives.