Information Security Risk and Governance Specialist, Senior

Information Security Risk and Governance Specialist, Senior Blue Shield of CA United States, California, Rancho Cordova May 29, 2026 Your Role The Technology and Data Trust Assurance Services team drives BSC technology and information security adherence to regulatory standards, as well as policies, standards, and controls development, with the goal of evaluating, directing and monitoring IT vendor performance, while safeguarding company assets and maintaining and securing the confidentiality, integrity, and availability of Blue Shield of California data. The Technology Risk and External Assurance program runs technology governance forums including the Artificial Intelligence (AI) Governance function and manages technology risk from identification to risk consequence management for BSC. The Information Security Risk & Governance Specialist, Senior will report to the Senior Manager, Technology External Assurance. In this role, you will be a key individual contributor to the Technology Risk and External Assurance team and Blue Shield's overall strategy and goals by providing consistent, coordinated SOC 2 and PCI-DSS audit and compliance support, information security oversight including

NIST CSF

maturity assessments, AI governance and technology risk assessment support, and risk reporting in partnership with leaders, stakeholders, and Stellarus. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience and 5+ years of prior relevant experience 2+ years of experience with technology service management, IT project management 2+ years of experience with information security awareness and training or IT user training Knowledge of Artificial Intelligence (AI) governance and monitoring practices is preferred Ability to provide excellent customer service and to conduct user awareness training Knowledge of various information technology governance and control frameworks and industry standards such as COBIT and NIST Problem-solving and critical-thinking skills to recognize and comprehend complex issues, policies, regulatory requirements, and industry information affecting the business environment Ability to communicate and articulate complex analysis in a clear, precise, and actionable manner Proven collaborator with strong interpersonal skills, works collaboratively within the team and outside the team Proficient in developing presentations and in written and verbal communication Proficiency in Microsoft Office products Experience managing workflows and queues in ticketing systems GCIH and CISSP certification preferred Hybrid This role requires employees to be in - office based on our hybrid workplace model, balancing purposeful in - person collaboration with flexibility. For most teams, this means coming into the office two days each week. Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need. #LI-CP4