CVS Health · 7 hours ago
Security Risk Manager
Maximize your interview chances
Health CareMedical
H1B Sponsor Likely
Insider Connection @CVS Health
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Develop reports and evaluate the results of the vendor assessment
Identify and document control gaps
Review and interrupt results of vulnerability assessments and penetration testing
Communicate with auditors and regulators during compliance and regulatory reviews
Participate in information security assessments ensuring technical compliance with security related regulatory requirements (PCI, SOX, PII, PHI, etc)
Collaboratively work with peers to ensure operational excellence
Contribute to or help lead current state risk assessments, continual risk assessments, risk metrics and visualization and integrated operational risk management
Identify and prioritize risk based on impact and likelihood
Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management
Assist in Policy/Standard development and security awareness and training
Ensure security programs are in compliance with applicable laws, regulations and policies to minimize risk and audit findings
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5+ years of experience in an IT Security/IT Risk environment with a large regulated organization
5+ years of risk assessment methodologies, IT/IS Policies and Standards, IT risk standards and industry best practices (ISO 27000, HITRUST, CoBIT, Managing Vendor Assessments)
3+ years of experience of managing vendor assessments
3+ years of experience in development and administration of risk assessments and reviews
3+ years of experience in cyber security assessment processes and disciplines
3+ years of experience in more than one major IT discipline (distributed computing, networks, application design and development, IT security and business recovery)
Bachelor’s degree or equivalent experience (HS diploma + 4 years relevant experience)
Preferred
Previous cyber security risk assessment within Healthcare, or other highly regulated environment with CISSP, CISA, CIPP, CISM, PCIP, ISA, CTPRA
Experience with regulatory requirements, including HIPAA, PCI-DSS, etc
Knowledge and working experience with Information Security frameworks, including ISO27001 and the NIST CSF
Cloud, AI and/or other IT/IS background a plus
Strong interpersonal and oral/written communication skills, able to build relationships at all levels
Knowledge of IT risk standards and industry best practice approaches such as ISO 27001, HITRUST, etc
Knowledge of web application security testing and vulnerability testing tools.
Knowledge of network-level penetration testing
Knowledge of source code reviews using automated tools such as Veracode and/or manual analysis
Benefits
Full range of medical, dental, and vision benefits
401(k) retirement savings plan
Employee Stock Purchase Plan
Fully-paid term life insurance plan
Short-term and long term disability benefits
Numerous well-being programs
Education assistance
Free development courses
CVS store discount
Discount programs with participating partners
Paid Time Off (“PTO”) or vacation pay
Paid holidays throughout the calendar year
Company
CVS Health
CVS Health is a health solutions company that provides an integrated healthcare services to its members.
H1B Sponsorship
CVS Health has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2021 (1)
Funding
Current Stage
Public CompanyTotal Funding
unknownKey Investors
Starboard Value
2019-11-25Post Ipo Equity
1978-01-13IPO
Recent News
2024-12-17
2024-12-17
Seeking Alpha
2024-12-17
Company data provided by crunchbase