Job Details

ID #41106605
State California
City Eldoradohills
Job type Permanent
Salary USD TBD TBD
Source Blue Shield Of California
Showed 2022-05-18
Date 2022-05-17
Deadline 2022-07-16
Category Security

Information Security Risk and Governance Specialist, Consultant

California, Eldoradohills, 95762 Eldoradohills USA

Vacancy expired!

Blue Shield of California's mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that truly serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience.

To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our comprehensive approach to diversity, equity, and inclusion combines a focus on our people, processes, and systems with a deep commitment to promoting social justice and health equity through our products, business practices, and presence as a corporate citizen.

Blue Shield has received awards and recognition for being a certified Great Place to Work, best place to work for LGBTQ equality, leading disability employer, one of the best companies for women to advance, Bay Area's top companies in volunteering & giving, and one of the world's most ethical companies. Here at Blue Shield of California, we are striving to make a positive change across our industry and the communities we live in - join us!

Your Role

The Information Assurance team is a trusted partner providing solutions to standardize risk reporting, quantitative risk modeling and critical support for trust assurance services. The Information Security Risk and Governance Specialist, Consultant will report to the Senior Manager of Information Assurance. In this role, you will build and implement a risk quantification program requiring collaboration across the organization to assess risk scenarios and prioritization. The Consultant is a subject matter expert and trusted advisor in information technology and security governance, risk, and compliance best practices.

Your Work

In this role, you will:
  • Lead and engage with the business to identify risks and lead the implementation of risk mitigation plans to address cyber risks
  • Implement strategic goals established by IT Security leadership
  • Be responsible for entire projects, programs, or processes as an industry-knowledgeable lead within IT Security Governance
  • Provide metrics for the cyber security risk management dashboard reporting
  • Communicate and collaborate with corporate counsels, privacy, legal, enterprise risk management, HR departments and external customers or vendors to monitor compliance enforcement of standards and regulations
  • Influence decisions which are usually more project and operationally oriented and explain policies, standards, practices, and procedures of the job area/department to others within the organization
  • Contribute to team-based work or independent tasks, always looking to learn more and take initiative on multiple projects and tasks
  • Contribute and maintain the risk quantification program and collaborate with senior leadership
  • IT/Security questionnaires. Experience responding to security questionnaires, interviews/reviews for existing, potential partners, various departments or vendors as mandated by regulatory agencies
  • Evaluate, identify, and recommend options to address inefficiencies and gaps in existing processes, and communicate issues and risks to stakeholders and senior leadership
  • Working knowledge of NIST 800-53, HIPAA, SOC2, HITECH, CCPA, and PCI applicable laws, regulations, guidelines, and controls

Your Knowledge and Experience
  • Requires a bachelor's degree or equivalent experience
  • Requires at least 7 years of prior relevant experience
  • Excellent communication and presentation skills at every level including executives is desired
  • Experience as a cyber risk expert, knowledge or implementation of statistical modeling/FAIR Risk Model or similar risk management framework experience is desired.
  • Practical knowledge in leading and coordinating the execution of processes, projects, and tactics within an area is desired
  • Experience measuring and quantifying risk is desired
  • CISSP, CRISC, CISM, CISA, or similar certification is desired

Our Values
  • Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we're going to do and by acknowledging and correcting where we fall short
  • Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes
  • Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals