Job Description
Job Description
The Principal IT Governance Analyst provides expert advisory services, offering a proactive and strategic approach to help the organization achieve its business objectives while effectively managing technology, security, and compliance risks. This role advises on significant and broad-based IT risks associated with new system implementations, major technology initiatives, and operational processes to ensure appropriate risk coverage and a strong control environment.
What You’ll Do
Leverage deep expertise in IT governance, controls, and risk management to identify and assess a wide range of technology, security, compliance, and operational risks.
Ensure appropriate, well-designed controls are in place to mitigate identified risks and support business goals.
Serve as a trusted advisor on high‑visibility and/or highly complex projects, system implementations, and business process redesigns.
Ensure IT and security risks are incorporated into project decisions and addressed appropriately.
Partner closely with senior leaders, business owners, and project teams to build awareness and understanding of risk.
Support the development, evaluation, and monitoring of mitigation plans for IT and security risks to ensure alignment with the organization’s risk tolerance.
Escalate issues when risk levels or mitigation strategies fall outside acceptable thresholds.
Work with process owners to ensure process documentation is accurate, complete, and aligned with company policies, regulatory requirements, and industry standards.
Develop and maintain processes and procedures to ensure documentation remains current and well-governed.
What You Bring
Bachelor's degree or advanced degree
8+ years of experience in related field
In lieu of degree, 10+ years of experience in related field
Bonus Points
Technical fluency; prior IT Audit experience is highly beneficial.
Experience with:
Risk identification, analysis, and triage
Process improvement frameworks
GRC tools, including reporting and risk lifecycle management
Control design and documentation, including process mapping and governance
CISSP, CISM, CISA or CRISC certification preferred
What You’ll Get
The opportunity to work at the cutting edge of health care delivery with a team that’s deeply invested in the community
Work-life balance, flexibility, and the autonomy to do great work
Medical, dental, and vision coverage along with numerous health and wellness programs
Parental leave and support plus adoption and surrogacy assistance
Career development programs and tuition reimbursement for continued education
401k match including an annual company contribution
Where You’ll Work
Our Hybrid Flex approach is built on presence with a purpose – giving you flexibility to work remotely with intentional in-person connection – that supports a workplace that’s flexible, connected, and future focused.
In a Hybrid-Flex role, you’ll work in the office at least two days a week for collaboration and connection. In a Remote Flex role, you’ll work virtually, with a few in-office visits each year for meaningful moments that matter.
Whether your role is Hybrid Flex or Remote Flex depends on the nature of the work and distance from our Durham headquarters. We welcome candidates from outside the local area and in any states listed on this job posting. Onsite expectations will be discussed during the interview process.
Salary Range
At Blue Cross NC, we take great pride in a fair and equitable compensation package that reflects market-price and our starting salaries are typically planned near the middle of the range listed. Compensation decisions are driven by factors including experience and training, specialized skill sets, licensure and certifications and other business and organizational needs. Our base salary is part of a robust Total Rewards package that includes an Annual Incentive Bonus*, 401(k) with employer match, Paid Time Off (PTO), and competitive health benefits and wellness programs.
*Based on annual corporate goal achievement and individual performance.
Skills
_____________________________________________________________________
JOB ALERT FRAUD: We have become aware of scams from individuals, organizations, and internet sites claiming to represent Blue Cross and Blue Shield of North Carolina in recruitment activities in return for disclosing financial information. Our hiring process does not include text-based conversations or interviews and never requires payment or fees from job applicants. All our career opportunities are published on https://bcbsnc.wd5.myworkdayjobs.com/en-US/BCBSNC. If you have already provided your personal information that you suspect is fraudulent activity, please report it to your local authorities. Any fraudulent activity should be reported to: [email protected].