Senior Endpoint Security Engineer - Configuration Compliance at CVS Health

Massachusetts, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Healthcare, TechnologyIndustries

Requirements

5+ years of experience in information security, with a focus on secure configuration management or related areas
5+ years of experience with secure configuration frameworks including CIS Benchmarks and configuration management tools (e.g., Qualys, Rapid7, Tanium)
5+ years of strong understanding of operating systems (Windows, Linux, macOS) and network device configurations
5+ years with security architecture awareness. Strong grasp of how configuration compliance integrates with vulnerability, asset, and change management systems
5+ years of analytical problem-solving experience. Demonstrated ability to identify root causes through multi-angle analysis of compliance

Responsibilities

Develop, implement, and maintain secure configuration policy framework and baselines for operating systems, databases, applications, and network devices (e.g., firewalls, routers)
Collaborate with stakeholders to align secure configuration policies with business and compliance requirements
Automate configuration scanning, remediation, and validation processes by developing and integrating workflows using tools like Qualys, ServiceNow, and APIs or scripting languages to enhance efficiency and scalability
Regularly review and update policies to reflect changes in the threat landscape or regulatory requirements
Stay informed of emerging security threats, compliance requirements, and best practices related to secure configurations
Implement and maintain tools, processes, and configuration scan templates aligned with policy changes to continuously monitor, detect, and enforce secure configurations (e.g., Minimum Security Baseline scanners, configuration management tools)
Conduct security audits and assessments to identify deviations and implement corrective actions
Develop and deliver executive-level reports on compliance with configuration policies, including metrics on policy adherence and risk mitigation
Lead root cause analysis and remediation efforts for configuration-related security incidents
Work closely with IT, DevOps, and Security Operations teams to ensure secure configuration policies are integrated into system and application lifecycles
Partner with compliance and risk teams to ensure configurations meet regulatory standards (e.g., PCI DSS, HIPAA, SOX)
Provide guidance and support during internal and external audits
Promote a culture of security awareness and best practices within the organization
Drive automation initiatives to streamline configuration management processes
Provide training and resources to ensure teams understand and adhere to secure configuration policies

Skills

Endpoint Security

Configuration Management

Policy Hardening

Qualys

ServiceNow

APIs

Scripting

Operating Systems

Databases

Firewalls

Routers

Automation

DevOps

Compliance

Vulnerability Management

CVS Health

Comprehensive pharmacy and healthcare services

About CVS Health

CVS Health operates a large network of retail pharmacies and walk-in medical clinics across the United States, providing a variety of health-related products and services. Their offerings include prescription medications, over-the-counter health products, and beauty items, as well as pharmacy benefits management and specialty pharmacy services. CVS Health's integrated business model allows them to serve individual consumers, businesses, and communities effectively, with a focus on improving health outcomes and reducing healthcare costs. Unlike many competitors, CVS Health combines pharmacy services with medical care, making it easier for patients to access quality healthcare. The company's goal is to enhance access to healthcare and support individuals in achieving better health.

Woonsocket, Rhode IslandHeadquarters

1963Year Founded

DEBTCompany Stage

Healthcare, Consumer GoodsIndustries

10,001+Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

Disability Insurance

401(k) Retirement Plan

Company Equity

Wellness Program

Professional Development Budget

Paid Vacation

Paid Holidays

Risks

Legal challenges related to opioid prescriptions could harm CVS's reputation and finances.

The DOJ's intervention in a whistleblower lawsuit may increase legal costs for CVS.

The Horizon Organic Milk recall exposes potential vulnerabilities in CVS's supply chain.

Differentiation

CVS Health operates over 9,600 retail pharmacies and 1,100 walk-in clinics nationwide.

The company integrates pharmacy benefits management with specialty pharmacy services for comprehensive care.

CVS Health offers tailored medication plans through personalized medicine and pharmacogenomics.

Upsides

Expansion of telehealth services allows CVS to reach more patients remotely.

Increased consumer interest in wellness boosts demand for CVS's health-related products.

The trend towards value-based care aligns with CVS's integrated healthcare approach.

Land your dream remote job 3x faster with AI

Try Jobo Free