Posted in

IT Corporate Audit – Cybersecurity – Manager

IT Corporate Audit – Cybersecurity – Manager

CompanyCVS Health
LocationSmithfield, RI, USA, Hartford, CT, USA
Salary$101970 – $203940
TypeFull-Time
Degrees
Experience LevelSenior

Requirements

  • 5+ years of experience in information security with a focus on cybersecurity controls.
  • 3+ years of experience in audit methodologies, internal control frameworks, and risk assessments.
  • 3+ years of experience in relevant regulations, standards, and frameworks such as NIST and 5C framework of cybersecurity.
  • At least 1 certification related to Information Security such as CISA, CRISC, CISM, CISSP, or other industry audit, compliance, or cybersecurity certification.

Responsibilities

  • Confers with various teams, such as IT, compliance, legal, and executive leadership regarding security risks/gaps and remediation strategies.
  • Possess an innovative & creative mindset to adopt analytical technology to enhance audit techniques such as data analytics and AI tools.
  • Able to build relationships across the CVS Digital, Data & Analytics and Technology teams and evolve & thrive in a fast-paced environment.
  • Provides training and knowledge sharing across Internal Audit about security risks, best practices, and their roles in identifying gaps.
  • Proven ability to network with other information security specialists to stay up to date with the latest trends, tools, and techniques in cybersecurity auditing internally to CVS and externally for industry best practices.

Preferred Qualifications

  • Experience in a large and complex environment related to healthcare, insurance, or retail.
  • Proven ability to lead audit teams on complex engagements.
  • Strong written and verbal communication skills, with the ability to articulate cyber-security risks clearly and concisely.
  • Analytical and problem-solving skills, with the ability to assess risks effectively and make informed remediation requests on gaps identified.
  • Working knowledge of HIPAA, ISO, FTC, PCI DSS, NY DFS, NAIC, SOX, and HITRUST.
  • Demonstrated ability to collaborate across departments, build relationships with key stakeholders, and influence others to achieve internal audit objectives.
  • Experience managing or contributing to audit and assessment projects, with a focus on cybersecurity.