We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Sr. Manager, Compliance, Governance & Assurance

Blue Shield of CA
United States, California, Woodland Hills
Jul 07, 2026

Your Role

The Information Security team is seeking an experienced Senior Manager, Compliance, Governance & Assurance reporting to the Senior Director, Governance, Risk & Compliance (GRC). In this role you will be responsible for maintaining and expanding the company's certification portfolio, ensuring compliance with regulatory, contractual, and customer requirements, establishing a mature policy governance framework, and building an internal assurance function that provides proactive oversight of control design, effectiveness and compliance obligations.

Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building strong partnerships across the organization, getting results the right way, and fostering a culture of accountability and continuous improvement.

Your Knowledge and Experience

Required Qualifications



  • A minimum of 8 years of progressive experience in compliance, governance, risk management, audit, assurance, or related disciplines.
  • Bachelor's degree or higher in Business, Information Systems, Cybersecurity, Risk Management, Accounting, Finance, Public Policy, or a related field.
  • A minimum of 4 years of people leadership experience with direct responsibility for supervising, coaching, and developing team members.
  • Proven experience managing compliance programs and certification frameworks including SOC 2, ISO 27001, HIPAA, HITRUST, and similar industry standards.
  • Demonstrated experience leading audits, assessments, remediation programs, and control maturity initiatives.
  • Experience building or significantly maturing compliance, governance, assurance, or policy management programs.
  • Strong understanding of governance, risk, compliance, internal control, and audit frameworks.
  • Exceptional communication and stakeholder management skills, including experience influencing senior leadership and partnering effectively across Security, Privacy, Legal, Risk Management, Internal Audit, and business functions.
  • Demonstrated ability to influence cross-functional teams and drive organizational change in complex environments.


Preferred Qualifications



  • Master's degree in Business Administration, Information Systems, Cybersecurity, Risk Management, or a related discipline.
  • Professional certifications such as CISA, CRISC, CISSP, CIPP, CHC, CCEP, HITRUST CCSFP, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or equivalent.
  • Experience operating within highly regulated industries, including healthcare, financial services, or technology organizations.
  • Experience implementing governance, risk, and compliance (GRC) platforms and compliance automation capabilities.
  • Experience supporting privacy programs and privacy-related compliance requirements, including HIPAA, GDPR, and state privacy regulations.


Leadership Competencies



  • Ability to define and execute a strategic vision for compliance, governance, and assurance maturity.
  • Skilled at leading through influence across security, legal, privacy, audit, technology, and business teams.
  • Applies metrics, risk-based decision-making, and evidence-based reasoning to prioritize investments and remediation activities.
  • Thrives in fast-paced and evolving environments while maintaining operational rigor and accountability.
  • Passionate about building scalable programs, improving organizational effectiveness, and developing future leaders.
  • Acumen & Communication: Translates complex compliance and governance concepts into clear business language and builds trust with technical and non-technical stakeholders alike.



Hybrid

This role requires employees to be in-office based on our hybrid workplace model, balancing purposeful in-person collaboration with flexibility. For most teams, this means coming into the office two days each week.

Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need.

Applied = 0

(web-77cf7d65c7-rcc7h)