Information Security Risk Governance Specialist

Must have

• Bachelors degree or equivalent experience
• Minimum of 10 years of relevant experience
• Experience in portfolio management, preferably in an Agile or SAFe environment; JIRA experience is a plus
• Proven ability to collaborate with all levels of management
• Enthusiastic, team-oriented individual with exceptional verbal and written communication skills
• Strong analytical, organizational, and project management abilities
• In-depth knowledge of IT control frameworks; familiarity with Artificial Intelligence Risk Management Framework is highly preferred
• One or more of the following certifications desired: CRISC, CISM, CISA, CISSP

• Act as the key contact for external audits, assessments, and regulatory inquiries
• Create and manage compliance documentation, including policies, procedures, and control matrices
• Design and lead necessary assessments to meet compliance mandates and certifications (HIPAA, PCI DSS, SOC II, Type 2, etc.)
• Perform internal gap analyses and risk assessments to pinpoint areas of non-compliance or control flaws
• Monitor and report on audit discoveries, remediation activities, and compliance status to senior management
• Collaborate with various teams throughout the organization to ensure alignment with regulatory requirements and enterprise risk goals
• Provide expert advice during product development, vendor onboarding, and system implementations to ensure compliance is integrated into processes
• Work on maintaining and enhancing internal control frameworks in line with regulatory standards and industry best practices (e.g., NIST, HITRUST, ISO)
• Ensure policies and procedures are current and reflect the latest regulatory expectations and organizational practices
• Initiate continuous monitoring for vital compliance controls, findings, and mitigation strategies
• Compile and deliver compliance metrics, dashboards, and executive summaries to leadership and governance committees

Company:

At Stellarus, part of the Ascendiun Family of Companies, we are committed to fostering a culture of growth and leadership across all levels. Our Risk Management & Controls Assurance team provides actionable insights by assessing IT and business risks, enhancing resilience, and promoting a security-centric environment. We are on the lookout for an Information Security Risk & Governance Specialist to spearhead our regulatory compliance initiatives with a focus on healthcare and technology standards.

We believe in nurturing great leaders and creating opportunities for personal, professional, and financial growth within our teams.