Cybersecurity Corporate Audit Manager at CVS Health

Hartford, Connecticut, United States

Compensation: Not Specified
Experience Level: Mid-level (3 to 4 years), Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Healthcare, Technology

Requirements

  • 5+ years of experience in information security with a focus on cybersecurity controls
  • 3+ years of experience in audit methodologies, internal control frameworks, and risk assessments
  • 3+ years of experience in relevant regulations, standards, and frameworks such as NIST and 5C framework of cybersecurity
  • At least 1 certification related to Information Security such as CISA, CRISC, CISM, CISSP, or other industry audit, compliance, or cybersecurity certification
  • Bachelor’s degree or a related field or equivalent (HS Diploma and 4 years of experience) required
  • Auditing, risk, or compliance background, preferably with a focus on healthcare
  • Proficiency in providing written and oral reports on audit findings and understanding how to assess risk based on mitigating and compensating controls
  • Preferred areas of cybersecurity knowledge: cloud security (Azure & GCP), network security, data security, application security, system administration, vendor and 3rd party security, ransomware, vulnerability management and security testing tools

Preferred Qualifications

  • Experience in a large and complex environment related to healthcare, insurance, or retail
  • Proven ability to lead audit teams on complex engagements
  • Strong written and verbal communication skills, with the ability to articulate cyber-security risks clearly and concisely
  • Analytical and problem-solving skills, with the ability to assess risks effectively and make informed remediation requests on gaps identified
  • Working knowledge of HIPAA, ISO, FTC, PCI DSS, NY DFS, NAIC, SOX, and HITRUST
  • Demonstrated ability to collaborate across departments, build relationships with key stakeholders, and influence others to achieve internal audit objectives
  • Experience managing or contributing to audit and assessment projects, with a focus on cybersecurity

Responsibilities

  • Lead cybersecurity audits and serve as the cybersecurity consultant on other audit projects within Internal Audit
  • Lead audit teams in an independent internal review of security controls and information systems, including testing the safety and effectiveness of individual components of cybersecurity defenses
  • Design and execute cybersecurity audits, establish audit objectives, and assess the overall structure of the business’ systems
  • Confer with various teams, such as IT, compliance, legal, and executive leadership regarding security risks/gaps and remediation strategies
  • Possess an innovative & creative mindset to adopt analytical technology to enhance audit techniques such as data analytics and AI tools
  • Build relationships across the CVS Digital, Data & Analytics and Technology teams and evolve & thrive in a fast-paced environment
  • Provide training and knowledge sharing across Internal Audit about security risks, best practices, and their roles in identifying gaps
  • Network with other information security specialists to stay up to date with the latest trends, tools, and techniques in cybersecurity auditing internally to CVS and externally for industry best practices

Skills

Key technologies and capabilities for this role

Cybersecurity Auditing, Risk Assessment, Cloud Security, Azure, GCP, Network Security, Data Security, Application Security, System Administration, Vendor Security, Ransomware, Vulnerability Management, Security Testing Tools, Data Analytics, AI Tools

Questions & Answers

Common questions about this position

What experience is required for the Cybersecurity Corporate Audit Manager role?

Candidates need 5+ years of experience in information security with a focus on cybersecurity controls, 3+ years in audit methodologies, internal control frameworks, and risk assessments, and 3+ years in regulations like NIST and 5C framework. At least one certification such as CISA, CRISC, CISM, CISSP, or similar is required.

What certifications are needed for this position?

At least one certification related to Information Security is required, such as CISA, CRISC, CISM, CISSP, or other industry audit, compliance, or cybersecurity certification.

What is the salary range for this role?

This information is not specified in the job description.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What preferred qualifications or background make a strong candidate?

Experience in a large and complex environment is preferred, along with a cybersecurity auditing background preferably focused on healthcare.

CVS Health

Comprehensive pharmacy and healthcare services

About CVS Health

CVS Health operates a large network of retail pharmacies and walk-in medical clinics across the United States, providing a variety of health-related products and services. Their offerings include prescription medications, over-the-counter health products, and beauty items, as well as pharmacy benefits management and specialty pharmacy services. CVS Health's integrated business model allows them to serve individual consumers, businesses, and communities effectively, with a focus on improving health outcomes and reducing healthcare costs. Unlike many competitors, CVS Health combines pharmacy services with medical care, making it easier for patients to access quality healthcare. The company's goal is to enhance access to healthcare and support individuals in achieving better health.

Headquarters: Woonsocket, Rhode Island
Year Founded: 1963
Company Stage: DEBT
Industries: Healthcare, Consumer Goods
Employees: 10,001+

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
401(k) Retirement Plan
Company Equity
Wellness Program
Professional Development Budget
Paid Vacation
Paid Holidays

Risks

Legal challenges related to opioid prescriptions could harm CVS's reputation and finances.
The DOJ's intervention in a whistleblower lawsuit may increase legal costs for CVS.
The Horizon Organic Milk recall exposes potential vulnerabilities in CVS's supply chain.

Differentiation

CVS Health operates over 9,600 retail pharmacies and 1,100 walk-in clinics nationwide.
The company integrates pharmacy benefits management with specialty pharmacy services for comprehensive care.
CVS Health offers tailored medication plans through personalized medicine and pharmacogenomics.

Upsides

Expansion of telehealth services allows CVS to reach more patients remotely.
Increased consumer interest in wellness boosts demand for CVS's health-related products.
The trend towards value-based care aligns with CVS's integrated healthcare approach.
