Information Security Specialist
Hexplora · Sacramento, CA · 1 wk ago
Information TechnologyFull-time
Key Responsibilities
- Develop and maintain Enterprise Risk Management (ERM) programs, including frameworks, governance structures, and alignment with organizational goals.
- Design and manage Insider Threat programs, including policies, monitoring approaches, and risk assessment processes.
- Define and track risk metrics, Key Risk Indicators (KRIs), and risk reporting to support leadership decision-making.
- Maintain enterprise risk registers and risk tracking systems to identify, assess, and monitor organizational risks.
- Perform qualitative and quantitative risk assessments using structured methodologies.
- Identify and manage risks related to sensitive and regulated information, including personal and confidential data.
- Support audit readiness activities by maintaining clear and accurate security documentation and evidence.
- Contribute to privacy, supply chain risk, and security policy development and implementation.
- Deliver training sessions and workshops to improve awareness and understanding of security and risk practices.
Required Qualifications
- Bachelor's degree in Information Technology, Engineering, or a related field, or equivalent experience.
- Hands-on experience in information security, risk management, privacy, insider threat, or related areas.
Preferred Experience
- Experience building or managing Enterprise Risk Management programs.
- Experience developing and operating Insider Threat programs.
- Experience defining risk metrics, reporting structures, and risk appetite frameworks.
- Experience managing risk registers or enterprise risk tracking tools.
- Experience performing structured risk assessments using established methods.
- Experience supporting audits and compliance-related documentation.
- Experience working with sensitive data protection and risk mitigation.
- Experience delivering training, workshops, or knowledge-sharing sessions.