Security Risk Manager

About the position Responsibilities • Work directly with SOC, business lines, and third-party contacts to facilitate actions associated with continuous monitoring. • Identify and analyze risks through the CVS Health continuous monitoring program. • Collaborate with internal organizations regarding third-party outreach to understand actions on discrete events. • Manage, monitor, and coordinate resolution of security events to ensure awareness and risk reduction. • Drive proactive interaction with third parties to avoid risk scenarios through engagement and education on security topics. Requirements • 5+ years of experience in an IT Security/IT Risk environment with a large regulated organization. • 5+ years of experience in risk assessment methodologies, IT/IS Policies and Standards, IT risk standards and industry best practices (ISO 27000, HITRUST, CoBIT, Managing Vendor Assessments). • 3+ years of experience or understanding of managing vendor assessments. • 3+ years of experience with development and administration of risk assessments and reviews. • 3+ years of experience with cyber security assessment processes and disciplines. • 3+ years of experience with more than one major IT discipline (distributed computing, networks, application design and development, IT security and business recovery). Nice-to-haves • Previous cyber security risk assessment experience within Healthcare or other highly regulated environments with certifications such as CISSP, CISA, CIPP, CISM, PCIP, ISA, CTPRA. • Experience with regulatory requirements, including HIPAA, PCI-DSS. • Knowledge and working experience with Information Security frameworks, including ISO27001 and the NIST CSF. • Background in Cloud, AI, or other IT/IS areas. • Strong interpersonal and oral/written communication skills, able to build relationships at all levels. • Knowledge of web application security testing and vulnerability testing tools. • Knowledge of network-level penetration testing. • Knowledge of source code reviews using automated tools such as Veracode and/or manual analysis. Benefits • Full range of medical, dental, and vision benefits. • 401(k) retirement savings plan. • Employee Stock Purchase Plan. • Fully-paid term life insurance plan. • Short-term and long-term disability benefits. • Well-being programs and education assistance. • Free development courses. • CVS store discount and discount programs with participating partners. • Paid Time Off (PTO) or vacation pay, as well as paid holidays throughout the calendar year. Apply tot his job