Senior Endpoint Security Compliance Engineer at CVS Health

Georgia, Vermont, United States

Apply Now
CVS Health Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Healthcare, TechnologyIndustries

Requirements

  • 5+ years of experience in information security with 5+ years focused on FIM or related areas
  • 3+ years experience in managing FIM tools and technologies in enterprise environments
  • 1+ years automation experience with scripting languages

Responsibilities

  • Support FIM program initiatives, projects, ad-hoc efforts, and BAU activities
  • Provide FIM operational support & documentation (e.g., strategies, roadmaps, proposals, control procedures & standards, security frameworks, flow charts, etc.)
  • Deploy, configure, and maintain file integrity monitoring tools
  • Define, manage and enforce FIM policies and rules to detect unauthorized or suspicious changes to files and directories to ensure the integrity of critical files and systems
  • Establish baselines and regular reviews of critical file paths, configurations, normal file states and monitor for unauthorized or suspicious changes
  • Support regular audits and reviews of FIM processes to identify and address gaps
  • Ensure comprehensive coverage for critical systems, including servers, applications, databases, and endpoints
  • Assess and refine FIM policies to minimize false positives and ensure optimal alerting
  • Stay updated on evolving FIM technologies and best practices
  • Automate FIM processes to improve onboarding efficiencies and scalability
  • Establish manual FIM processes where automation is not technically feasible
  • Stay updated on emerging threats, tools, and regulatory requirements to enhance the FIM program
  • Investigate FIM alerts to determine root cause and assess impact
  • Coordinate with incident response teams to contain and remediate security incidents involving file integrity violations
  • Develop and maintain playbooks for handling FIM-related incidents
  • Ensure proper logging, alerting, and reporting mechanisms are in place for timely detection and response
  • Contribute to forensic investigations by providing detailed logs and evidence from FIM systems
  • Partner with IT, DevOps, and business units to integrate FIM practices across the organization on applicable applications and systems
  • Work closely with compliance, audit, and risk management teams to meet regulatory and policy requirements (e.g., PCI DSS, HIPAA, SOX)
  • Provide executive-level reporting on FIM metrics, trends, and risk mitigation efforts
  • Drive the adoption of automation and machine learning capabilities within the FIM program to enhance detection and reduce manual effort
  • Work closely with security, IT, and development teams to integrate FIM into DevSecOps workflows
  • Identify opportunities for process improvements and implement best practices in FIM operations
  • Promote a culture of security awareness and accountability related to file integrity

Skills

Key technologies and capabilities for this role

File Integrity MonitoringFIMEndpoint SecurityThreat DetectionCompliance FrameworksAutomationSecurity PoliciesAuditsServersApplicationsDatabasesPolicy EnforcementBaseline EstablishmentRisk Mitigation

Questions & Answers

Common questions about this position

What is the employment type for this position?

The position is full time.

Is this role remote or does it require office presence?

This information is not specified in the job description.

What key skills are required for the Senior Endpoint Security Compliance Engineer role?

Expertise in File Integrity Monitoring (FIM) tools, threat detection, compliance frameworks, and automation experience to improve onboarding and monitoring efficiencies are required.

What is the company culture like at CVS Health?

CVS Health emphasizes building a world of health with dedicated, purpose-driven colleagues passionate about transforming health care in a connected, convenient, and compassionate way.

What makes a strong candidate for this role?

Strong candidates will have expertise in FIM implementation, incident detection and response, automation skills, and experience collaborating with IT, DevOps, and business units.

CVS Health

Comprehensive pharmacy and healthcare services

Website

About CVS Health

CVS Health operates a large network of retail pharmacies and walk-in medical clinics across the United States, providing a variety of health-related products and services. Their offerings include prescription medications, over-the-counter health products, and beauty items, as well as pharmacy benefits management and specialty pharmacy services. CVS Health's integrated business model allows them to serve individual consumers, businesses, and communities effectively, with a focus on improving health outcomes and reducing healthcare costs. Unlike many competitors, CVS Health combines pharmacy services with medical care, making it easier for patients to access quality healthcare. The company's goal is to enhance access to healthcare and support individuals in achieving better health.

Woonsocket, Rhode IslandHeadquarters
1963Year Founded
DEBTCompany Stage
Healthcare, Consumer GoodsIndustries
10,001+Employees

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
401(k) Retirement Plan
Company Equity
Wellness Program
Professional Development Budget
Paid Vacation
Paid Holidays

Risks

Legal challenges related to opioid prescriptions could harm CVS's reputation and finances.
The DOJ's intervention in a whistleblower lawsuit may increase legal costs for CVS.
The Horizon Organic Milk recall exposes potential vulnerabilities in CVS's supply chain.

Differentiation

CVS Health operates over 9,600 retail pharmacies and 1,100 walk-in clinics nationwide.
The company integrates pharmacy benefits management with specialty pharmacy services for comprehensive care.
CVS Health offers tailored medication plans through personalized medicine and pharmacogenomics.

Upsides

Expansion of telehealth services allows CVS to reach more patients remotely.
Increased consumer interest in wellness boosts demand for CVS's health-related products.
The trend towards value-based care aligns with CVS's integrated healthcare approach.

Related Jobs

San Antonio
Remote iconRemote

Senior Payment Integrity Professional

Humana
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Remote
Remote iconRemote

Staff Endpoint Security Engineer

Included Health
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Senior Compliance Specialist

Wisk
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Des Moines
Remote iconRemote

Senior Security Engineer

Brace
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
North Carolina
Remote iconRemote

Director, QA Data Integrity

Thermo Fisher Scientific
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
Remote
Remote iconRemote

macOS Endpoint Engineer

Stairwell
$160,000 - $180,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
San Francisco
Remote iconRemote

Security Operations Lead

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Remote
Remote iconRemote

Senior Network Operations Engineer

Vultr
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)

Land your dream remote job 3x faster with AI

Try Jobo Free