Blue Shield of California

Job Description

Your Role

This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actional insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a highly experienced and proactive professional to lead regulatory compliance initiatives across the organization, with a focus on healthcare and technology-related standards. This senior individual contributor will be responsible for overseeing assessments and audits related to HIPAA, PCI-DSS, SOC 2, and other applicable frameworks, ensuring the organization maintains a strong security posture and meets all regulatory obligations.

Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow – personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

Responsibilities

Your Work

In this role, you will:

Regulatory Program Leadership

• Serve as the primary point of contact for external audits, assessments, and regulatory inquiries.
• Develop and maintain compliance documentation, including policies, procedures, control matrices, and evidence repositories.
• Build plan and lead required assessments to comply with mandates and certifications (HIPAA, PCI DSS, SOC II, Type 2, etc.).

Assessment & Audit Management

• Conduct internal gap analyses and risk assessments to identify areas of non-compliance or control weaknesses.
• Track and report on audit findings, remediation efforts, and compliance status to senior leadership.

Cross-Functional Collaboration

• Partner with teams across the enterprise to ensure alignment with regulatory requirements and enterprise risk objectives.
• Provide subject matter expertise during product development, vendor onboarding, and system implementations to ensure compliance is embedded in processes.

Policy & Control Frameworks

• Partner to maintain and enhance internal control frameworks aligned with regulatory standards and industry best practices (e.g., NIST, HITRUST, ISO 27001).
• Partner to ensure policies and procedures are up-to-date and reflect current regulatory expectations and organizational practices.

Monitoring & Reporting

• Implement continuous monitoring processes for key compliance controls, findings and mitigation plans.
• Prepare and present compliance metrics, dashboards, and executive summaries to leadership and governance committees.

Qualifications

Your Knowledge and Experience

• Requires a bachelor's degree or equivalent experience
• Requires at least 10 years of prior relevant experience
• Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus
• Experience partnering with all levels of management required
• Driven, energetic, team player with superior oral and written communication skills
• Strong analytical, organizational, and project management skills.
• Requires deep understanding of IT control frameworks; Artificial Intelligence Risk Management Framework is strongly preferred
• Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional)

ABOUT US

About Stellarus and the Ascendiun Family of Companies

Stellarus, launched in January 2025, is designed to scale innovative healthcare solutions that support customers in creating a health care experience deserving of their family, friends, and neighbors.

Stellarus is part of a family of organizations that is overseen by a nonprofit corporate entity named Ascendiun. The Ascendiun Family of Companies also includes Blue Shield of California and its subsidiary, Blue Shield of California Promise Health Plan and Altais, a clinical services company.

Stellarus’ vision is to empower its customers to create a healthcare experience that is worthy of their family, friends, and neighbors. Stellarus’ objective is to offer innovative, modern, scalable solutions that challenge the health care status quo. This very closely aligns with Blue Shield of California’s vision by using innovation to improve quality, affordability, and experience for members.

To achieve our mission, we foster an environment where all employees can thrive and contribute fully to address the needs of the various communities we serve. We are committed to creating and maintaining a supportive workplace that upholds our values and advances our goals.

Our Values:

At Stellarus, our core values of agility, trust, drive, courage and service shape our approach to developing innovative product offerings.

Our Workplace Model:

At Stellarus and the Ascendiun Family of Companies, we believe in fostering a workplace environment that balances purposeful in-person collaboration with flexibility. As we continue to evolve our workplace model, our focus remains on creating spaces where our people can connect with purpose – whether working in the office or through a hybrid approach – by providing clear expectations while respecting the diverse needs of our workforce.

Two Ways of Working:

• Hybrid (Default): Work from a business unit-approved office at least two (2) times per month (for roles below Director-level) or once per week (for Director-level roles and above). Exceptions:

o Member-facing and approved out-of-state roles remain remote.

o Employees living more than 50 miles from their assigned offices are expected to work with their managers on a plan for periodic office visits.

o For employees with medical conditions that may impact their ability to work in-office, we are committed to engaging in an interactive process and providing reasonable accommodations to ensure their work environment is conducive to their success and well-being.

• On-Site: Work from a business unit-approved office an average of four (4) or more days a week.

Physical Requirements:

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

Please click here for further physical requirement detail.

Equal Employment Opportunity:

External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.

• Job Identification 20252421
• Job Category Information Technology
• Posting Date 01/06/2026, 12:12 AM
• Apply Before 01/30/2026, 08:00 AM
• Job Schedule Full time
• Locations El Dorado Hills, CA, United States CA, United States Long Beach, CA, United States Los Angeles, CA, United States Oakland, CA, United States Rancho Cordova, CA, United States Sacramento, CA, United States
• Pay Range for California $145970.00 to $218900.00
• Pay Range for Bay Area $164548.00 to $246760.00
• Note Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade. Blue Shield salaries are based on a variety of factors, including the candidate experience, location (California, Bay Area, or outside California), and current employee salaries for similar roles.
• Role can be filled by a candidate requiring sponsorship No

Pay Range for California $145970.00 to $218900.00 Pay Range for Bay Area $164548.00 to $246760.00 Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade. Blue Shield salaries are based on a variety of factors, including the candidate experience, location (California, Bay Area, or outside California), and current employee salaries for similar roles.

Read Full Description