Information Security Specialist (Risk Management)

Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us.

The IT InfoSec Risk Management Analyst is responsible for leading and maturing our IT Risk Management program, with a secondary focus on analyzing and supporting the management of global cybersecurity compliance requirements. In this customer-centric role, you will help protect critical technology platforms that serve utilities and energy customers, ensuring that IT risks are identified, assessed, mitigated, and reported in alignment with international standards and frameworks (including ISO 27001/27002, ISO 31000, NIST RMF, and COSO Internal Controls). You will collaborate closely with IT, compliance, audit, and business stakeholders to strengthen governance, reduce risk exposure, and support regulatory and certification requirements in a fast-moving, highly regulated industry.

Duties & Responsibilities:

• Lead the design, implementation, and continuous improvement of IT Risk Management program.
• Conduct risk assessments, control evaluations, and gap analyses against ISO, NIST, and COSO frameworks.
• Maintain risk registers, compliance documentation, treatment plans, and executive-level reporting dashboards.
• Review and analyze global cybersecurity laws, regulations, and directives (e.g., GDPR, ENS, NIS2, SOCI).
• Track enterprise compliance across multiple security frameworks including Sarbanes-Oxley (SOX), SSAE-18 (SOC1 and SOC2), NIST and ISO and maintain up-to-date records of requirements and corresponding mitigating controls
• Translate regulatory requirements into actionable security controls and governance processes.
• Collaborate with IT, legal, compliance, and business leaders to ensure risk mitigation and compliance alignment.
• Support internal and external audits, regulatory inquiries, and certification efforts.
• Monitor emerging threats, regulatory changes, and industry best practices to adapt programs.
• Advise on compliance implications for new technologies, vendors, and business initiatives.

Required Skills & Experience:

• Minimum 5 years of combined experience in IT risk management, cybersecurity compliance, and governance roles.
• Knowledge and understanding of global cybersecurity regulations and frameworks (e.g. SOX, GDPR, NIS2, ISO 27001, NIST CSF, COSO).
• Demonstrated experience conducting risk assessments, assessing risks, implementing treatment plans, and managing follow up.
• Experience with compliance audits, regulatory reporting, and multinational compliance programs.

Preferred Skills & Experience:

• Familiarity with GRC tools (e.g. Archer, AuditBoard) and regulated industries (finance, healthcare, energy).
• Experience in assessing and implementing controls to meet multinational security frameworks requirements
• Professional certifications such as CISSP, CISM, CRISC, CISA, CIPP/E, or ISO 27001 Lead Auditor are a plus.

Benefits Info:

This position also includes a competitive benefit package including; financial, social, health and wellbeing programs, paid vacation, 401k matching, employee stock purchase program, hybrid work schedule, and more!

The successful candidate's starting salary will be determined based on permissible, non-discriminatory factors such as skills and experience and may vary by location. The base salary is $75,000-148,000 annually.

#LI-EP1

Itron is committed to building an inclusive and diverse workforce and providing an authentic workplace experience for all employees. If you are excited about this role but your past experiences don't perfectly align with every requirement, we encourage you to apply anyway. In the end, you may be just who we are looking for!

The successful candidate's starting wage will be determined based on permissible, non-discriminatory factors such as skills and experience.

Itron is proud to be an Equal Opportunity Employer. If you require an accommodation to apply, please contact a recruiting representative at 1-800-635-5461 or email Accessibility@itron.com.

Itron is transforming how the world manages energy, water and city services. Our trusted intelligent infrastructure solutions help utilities and cities improve efficiency, build resilience and deliver safe, reliable and affordable service. With edge intelligence, we connect people, data insights and devices so communities can better manage the essential resources they rely on to live. Join us as we create a more resourceful world: www.itron.com