Information Security Specialist (Risk Management)

Austin, TX - USA

Monthly Salary: Not Disclosed

Posted on: 14 hours ago

Vacancies: 1 Vacancy

Job Summary

Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us.

The IT InfoSec Risk Management Analyst is responsible for leading and maturing our IT Risk Management program with a secondary focus on analyzing and supporting the management of global cybersecurity compliance this customer-centric role you will help protect critical technology platforms that serve utilities and energy customers ensuring that IT risks are identified assessed mitigated and reported in alignment with international standards and frameworks (including ISO 27001/27002 ISO 31000 NIST RMF and COSO Internal Controls). You will collaborate closely with IT compliance audit and business stakeholders to strengthen governance reduce risk exposure and support regulatory and certification requirements in a fast-moving highly regulated industry.

Duties & Responsibilities:

Lead the design implementation and continuous improvement of IT Risk Management program.
Conduct risk assessments control evaluations and gap analyses against ISO NIST and COSO frameworks.
Maintain risk registers compliance documentation treatment plans and executive-level reporting dashboards.
Review and analyze global cybersecurity laws regulations and directives (e.g. GDPR ENS NIS2 SOCI).
Track enterprise compliance across multiple security frameworks including Sarbanes-Oxley (SOX) SSAE-18 (SOC1 and SOC2) NIST and ISO and maintain up-to-date records of requirements and corresponding mitigating controls
Translate regulatory requirements into actionable security controls and governance processes.
Collaborate with IT legal compliance and business leaders to ensure risk mitigation and compliance alignment.
Support internal and external audits regulatory inquiries and certification efforts.
Monitor emerging threats regulatory changes and industry best practices to adapt programs.
Advise on compliance implications for new technologies vendors and business initiatives.

Required Skills & Experience:

Minimum 5 years of combined experience in IT risk management cybersecurity compliance and governance roles.
Knowledge and understanding of global cybersecurity regulations and frameworks (e.g. SOX GDPR NIS2 ISO 27001 NIST CSF COSO).
Demonstrated experience conducting risk assessments assessing risks implementing treatment plans and managing follow up.
Experience with compliance audits regulatory reporting and multinational compliance programs.

Preferred Skills & Experience:

Familiarity with GRC tools (e.g. Archer AuditBoard) and regulated industries (finance healthcare energy).
Experience in assessing and implementing controls to meet multinational security frameworks requirements
Professional certifications such as CISSP CISM CRISC CISA CIPP/E or ISO 27001 Lead Auditor are a plus.

Benefits Info:
This position also includes a competitive benefit package including; financial social health and wellbeing programs paid vacation 401k matching employee stock purchase program hybrid work schedule and more!

Itron is committed to building an inclusive and diverse workforce and providing an authentic workplace experience for all employees. If you are excited about this role but your past experiences dont perfectly align with every requirement we encourage you to apply the end you may be just who we are looking for!

The successful candidates starting wage will be determined based on permissible non-discriminatory factors such as skills and experience.

Itron is proud to be an Equal Opportunity Employer. If you require an accommodation to apply please contact a recruiting representative at 1- or email .

Itron is transforming how the world manages energy water and city services. Our trusted intelligent infrastructure solutions help utilities and cities improve efficiency build resilience and deliver safe reliable and affordable service. With edge intelligence we connect people data insights and devices so communities can better manage the essential resources they rely on to live. Join us as we create a more resourceful world:

Required Experience:

Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us.The IT InfoSec Risk Management Analyst is responsible for leading and maturing our IT Risk Management program with a sec...

Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us.

Duties & Responsibilities:

Lead the design implementation and continuous improvement of IT Risk Management program.
Conduct risk assessments control evaluations and gap analyses against ISO NIST and COSO frameworks.
Maintain risk registers compliance documentation treatment plans and executive-level reporting dashboards.
Review and analyze global cybersecurity laws regulations and directives (e.g. GDPR ENS NIS2 SOCI).
Track enterprise compliance across multiple security frameworks including Sarbanes-Oxley (SOX) SSAE-18 (SOC1 and SOC2) NIST and ISO and maintain up-to-date records of requirements and corresponding mitigating controls
Translate regulatory requirements into actionable security controls and governance processes.
Collaborate with IT legal compliance and business leaders to ensure risk mitigation and compliance alignment.
Support internal and external audits regulatory inquiries and certification efforts.
Monitor emerging threats regulatory changes and industry best practices to adapt programs.
Advise on compliance implications for new technologies vendors and business initiatives.

Required Skills & Experience:

Minimum 5 years of combined experience in IT risk management cybersecurity compliance and governance roles.
Knowledge and understanding of global cybersecurity regulations and frameworks (e.g. SOX GDPR NIS2 ISO 27001 NIST CSF COSO).
Demonstrated experience conducting risk assessments assessing risks implementing treatment plans and managing follow up.
Experience with compliance audits regulatory reporting and multinational compliance programs.

Preferred Skills & Experience:

Familiarity with GRC tools (e.g. Archer AuditBoard) and regulated industries (finance healthcare energy).
Experience in assessing and implementing controls to meet multinational security frameworks requirements
Professional certifications such as CISSP CISM CRISC CISA CIPP/E or ISO 27001 Lead Auditor are a plus.

Required Experience: