Technical Security Analyst

Security Risk Operations Lead We're building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time. As a Security Risk Operations Lead you will:

• Conduct thorough technical Security Risk Assessments on Production Environment applications to identify vulnerabilities, threats and risks.
• Assess vulnerability management, scans, patching status, secure baselines, penetration test result, etc.
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in Control Standards.
• Collaborate with other IT professionals, including network engineers, developers, and system administrators, to understand how security measures are integrated into existing systems and processes.

Required Qualifications:

• 7+ years of information security or related experience
• 7+ years of experience identifying security risk within technology implementations with broad technical expertise and knowledge of current security threat and vulnerability trends including cloud, AI, etc.
• 7+ years of experience with security controls and alignment to key regulations (NIST, ISO, HITRUST, HIPAA, PCI)
• 5+ years experience managing work efforts with both internal and external partners in a highly collaborative environment
• 5+ years of experience demonstrating critical thinking and knowledge of risk management processes, tools, and techniques

Preferred Qualifications:

• Strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)
• Technical acumen in regards to on prem applications, API, Encryption technologies, Container Security
• Experience with Information security policies and procedures
• Strong interpersonal, communication, and collaboration skills
• Relevant Industry Certifications such as CISSP, CRISC
• Knowledge of regulatory standards including NIST, SOX, SOC, HIPAA, PCI and HITRUST
• Understanding of current security threat and vulnerability trends
• Knowledge of cloud security architecture, best practices and frameworks
• Experience with Security development methodologies
• Working knowledge of Security Risk Management practices and processes

Education:

• Bachelor's degree or equivalent experience (High School Diploma and 4+ years relevant experience)

Anticipated Weekly Hours: 40 Time Type: Full time Pay Range: $72,100.00 - $173,040.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong. Great benefits for great people We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families. This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.