Be an early applicantLess than 25 applicants

Company

CVS Health · 5 hours ago

Security Risk Manager

Lincoln, NE

Full-time

Remote

Mid, Senior Level

$83K/yr - $167K/yr

5+ years exp

Maximize your interview chances

Health CareMedical

H1B Sponsor Likely

Insider Connection @CVS Health

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Develop reports and evaluate the results of the vendor assessment

Identify and document control gaps

Review and interrupt results of vulnerability assessments and penetration testing

Communicate with auditors and regulators during compliance and regulatory reviews

Participate in information security assessments ensuring technical compliance with security related regulatory requirements (PCI, SOX, PII, PHI, etc)

Collaboratively work with peers to ensure operational excellence

Contribute to or help lead current state risk assessments, continual risk assessments, risk metrics and visualization and integrated operational risk management

Identify and prioritize risk based on impact and likelihood

Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management

Assist in Policy/Standard development and security awareness and training

Ensure security programs are in compliance with applicable laws, regulations and policies to minimize risk and audit findings

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cyber SecurityRisk ManagementVendor AssessmentsRisk Assessment MethodologiesInformation Security FrameworksISO 27000HITRUSTCISSPCISACIPPCISMPCIPISACTPRAHIPAAPCI-DSSAIWeb Application Security TestingVulnerability Testing ToolsNetwork-Level Penetration TestingSource Code ReviewsOral/Written Communication

Required

5+ years of experience in an IT Security/IT Risk environment with a large regulated organization

5+ years of risk assessment methodologies, IT/IS Policies and Standards, IT risk standards and industry best practices (ISO 27000, HITRUST, CoBIT, Managing Vendor Assessments)

3+ years of experience of managing vendor assessments

3+ years of experience in development and administration of risk assessments and reviews

3+ years of experience in cyber security assessment processes and disciplines

3+ years of experience in more than one major IT discipline (distributed computing, networks, application design and development, IT security and business recovery)

Bachelor’s degree or equivalent experience (HS diploma + 4 years relevant experience)

Preferred

Previous cyber security risk assessment within Healthcare, or other highly regulated environment with CISSP, CISA, CIPP, CISM, PCIP, ISA, CTPRA

Experience with regulatory requirements, including HIPAA, PCI-DSS, etc

Knowledge and working experience with Information Security frameworks, including ISO27001 and the NIST CSF

Cloud, AI and/or other IT/IS background a plus

Strong interpersonal and oral/written communication skills, able to build relationships at all levels

Knowledge of IT risk standards and industry best practice approaches such as ISO 27001, HITRUST, etc

Knowledge of web application security testing and vulnerability testing tools.

Knowledge of network-level penetration testing

Knowledge of source code reviews using automated tools such as Veracode and/or manual analysis

Benefits

Full range of medical, dental, and vision benefits

401(k) retirement savings plan

Employee Stock Purchase Plan

Fully-paid term life insurance plan

Short-term and long term disability benefits

Numerous well-being programs

Education assistance

Free development courses

CVS store discount

Discount programs with participating partners

Paid Time Off (“PTO”) or vacation pay

Paid holidays throughout the calendar year

Company

CVS Health

Glassdoor

3.1

CVS Health is a health solutions company that provides an integrated healthcare services to its members.

Founded in 1963

Woonsocket, Rhode Island, USA

10001+ employees

https://www.cvshealth.com/

H1B Sponsorship

CVS Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2021 (1)