Senior Analyst, Security Risk Management
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Security Analyst responsible for risk management and security assessments at CVS Health. Ensuring compliance and mitigating risks in IT Security within a regulated environment.
Responsibilities:
- Execute the TPS program and serve as a contact to participants across the enterprise
- Ensure that proper due diligence is performed over third parties with access to CVS data
- Conduct complex risk assessments
- Identify and document control gaps
- Assist in the development and implementation of risk mitigation strategies
- Monitor security risk management metrics and reporting frameworks
Requirements:
- 3+ years of experience in an IT Security/IT Risk environment with a large regulated organization
- Previous cyber security risk assessment experience within Healthcare or other highly regulated environment
- Certifications such as CISSP, CISA, CIPP, CISM, PCIP, ISA, CTPRA
- Knowledge and working experience with Information Security frameworks, including ISO27001 and NIST CSF
- Bachelor's Degree in IT/IS (or similar discipline)
- Desired: MBA or MS in MIS (or similar discipline)
Benefits:
- Affordable medical plan options
- 401(k) plan (including matching company contributions)
- Employee stock purchase plan
- No-cost wellness screenings
- Tobacco cessation programs
- Weight management programs
- Confidential counseling
- Financial coaching
- Paid time off
- Flexible work schedules
- Family leave
- Dependent care resources
- Colleague assistance programs
- Tuition assistance
- Retiree medical access
Report this job
Job expired or something wrong with this job?
Similar Jobs
Border Security – Data Architect SME
Border Security/Data Architect SME with AMERICAN SYSTEMS designing data architecture standards for federal solutions. Responsibilities include data analysis, project oversight, and risk management with federal stakeholders.
Security Engineer II
Cloud Security Engineer optimizing security capabilities for CBTS cloud solutions. Support, develop, and deliver effective cloud security solutions for customers.
Security Awareness Specialist – GRC
Security Awareness Specialist developing and managing security awareness programs for employees. Collaborating across departments to enhance Cybersecurity culture and mitigate human-factor risks.
SNOC Engineer II – Security
SNOC Engineer II enhancing security and operations for technology services at DYOPATH. Responsible for threat detection, incident response, and team mentorship in a collaborative environment.
Senior Software Security Engineer
Senior Software Security Engineer designing and implementing security controls at Kentik. Leading security initiatives and collaborating with teams to ensure secure software delivery.
Data Loss Prevention Security Engineer
Data Loss Prevention Security Engineer responsible for enterprise data protection solutions. Supporting important missions through advanced technologies and policy enforcement in a remote setup.
Fullstack Software Engineer, Cloud, Code, Security
Software Engineer developing scalable cloud solutions at Vanta. Driving product growth while mentoring the engineering team and enhancing customer compliance experience.
Fullstack Software Engineer, Cloud, Code, Security
Software Engineer at Vanta empowering companies to improve cloud-related security and compliance. Collaborating with product and design teams to deliver impactful customer solutions.
SLED Cybersecurity Sales Specialist
SLED Cybersecurity Sales Specialist creating and driving sales pipeline for mid-to-large accounts. Focused on strategic positioning of products and fostering professional relationships with clients.
Senior SAP GRC, Security Consultant
Senior SAP GRC & Security Consultant responsible for SAP Security implementation and governance across complex landscapes. Seeking candidates with extensive SAP experience and compliance knowledge.
Senior Consultant – Physical Security Training, Consulting, Business Development
Senior Consultant in Physical Security Training at Vizient, managing security programs and improving vendor relationships. Collaborating with leadership to enhance security processes and training.
Executive Technology and Security Specialist
Executive Technology & Security Specialist keeping Onebrief’s executive team productive, protected, and confident in their technology. Taking ownership of executive devices and implementing enhanced security controls.
AI Security Engineer – IAM
AI Security Engineer focusing on IAM at Dell. Contributing to Cybersecurity Engineering & Operations in Brazil.
Senior Information Security Consultant
Senior Information Security Consultant at World Foundation, solving global security challenges and ensuring protocol integrity through hands-on guidance and team collaboration.
Security Managed Services Engineer
Security Managed Services Engineer at NTT DATA ensuring operational security infrastructures for clients. Handling incidents, requests, and collaborating on automation to optimize security operations.
Security Engineer
Senior Security Engineer ensuring high-impact security for Canals' AI-driven global supply chain platform. Leading security strategy, incident response, and collaborating across teams in a remote-first environment.
Senior Ethical Hacker
Senior Ethical Hacker performing penetration testing and mentoring for Packetlabs' Australian Security practice. Collaborating with global teams to ensure consistency in standards and methodologies.
Técnico/a Ciberseguridad
CIBERSEGURIDAD Technician with 3-5 years of experience for aerospace projects at IRIUM. Engaging in technical security audits and pentesting for applications and infrastructure.
LBM Engineer – Cybersecurity Solutions
Cybersecurity Engineer implementing and maintaining security measures to protect US LBM from cyber threats. Involves developing IAM systems, resolving technical issues, and ensuring data security.
Security Engineer II
Security Engineer II at Subsplash, focusing on security vulnerability analysis and remediation in cloud systems. Collaborating with teams to integrate security practices across the software development lifecycle.