Lead Cybersecurity Professional – Continuous Control Monitoring (remote virtual home office eligible)

Description

This role represents a unique opportunity to build a continuous control monitoring function from the ground-up for a world-class cyber-risk management organization. You will leverage strategic partnerships, identify control optimization opportunities, and develop repeatable ways to transparently measure and manage control performance against risk management and compliance related objectives for the advancement of Enterprise Information Protection program. The Controls and Compliance Oversight Team provides assurance and governance in the areas of cybersecurity ensures controls are designed and operating effectively to mitigate risk within enterprise level technology and business processes. This team serves as a first line of defense in overseeing both on premise and cloud environments. In addition, this team plays a key role in establishing a consistent security control framework and compliance assessment program across all cybersecurity domains, driving connections and collaboration throughout IT, and Enterprise Risk Management. The focus of our work is to ensure the deployment of security controls on premise and in the cloud to manage cyber risk and assure compliance.

ResponsibilitiesThe Continuous Control Monitoring (CCM) Lead creates, maintains, and advances the strategy for continuous control monitoring and establishes performance reporting to reflect status against expected operating thresholds, and both compliance and risk objectives. The CCM Lead directs the team to identify and oversee automation needed to enable complete and continuous visibility on health of critical controls within the cyber security program. The CCM Lead will leverage best practices and related frameworks to ensure coverage of critical on premise computing environments and cloud environments, and will report to senior leadership against all aspects of security control performance.The role understands the businesses, industry, and industry trends and uses that knowledge to recommend effective solutions. Leads and/or supports collaborative business partnerships, elicits client understanding and insight to advise and make recommendations. Clarifies scope of work commitments and deliverables, and defines measurable success criteria to monitor progress toward goals.Must have capability to:

Exercise independent judgment and decision making on complex issues regarding job duties and related tasks, and work under minimal supervision.

Use independent judgment requiring analysis of variable factors and determining the best course of action.

Advise leadership and executives on control design and optimization strategies for the evaluation, selection, and implementation of cloud services and related deployments.

Prioritizing tasks and ensuring the quality of deliverables.

Lead and expand the continuous control monitoring program by enhancing existing processes and utilizing existing technology.

Work with partners in business and IT to identify root causes for issues and resolve issues creating a positive user experience.

Work closely with cyber security teams to ensure seamless execution of processes and timely delivery to customers.

Identify gaps in process and procedures and demonstrate initiative in mitigating as appropriate.

Be responsible for process improvements, including initiating, creating, updating process documentation.

Drive integration of processes across disparate teams to align to a single, cohesive strategy.

Key Competencies:

Builds Trust: Strong team player who consistently models and inspires high levels of integrity, lives up to commitments and takes responsibility for the impact on one’s actions. Requires little to no instruction on day-to-day work.

Leads Change: Guides and energizes others, models adaptability and inspires strong organizational performance through periods of transformation, ambiguity and complexity.

Communication: Ability to interact and effectively communicate complex topics to all levels of management within the organization. Understand the needs and perspectives of others and tailors delivery accordingly.

Accountability: Exercises independent judgment / decision making on complex issues. Competent to work independently, meet established expectations and take responsibility for achieving results, and ensures direct reports to do the same.

Role Essentials:

Bachelor's degree in Cyber Security, Computer Science, Information Technology or a related field

8 or more years of technical cyber security experience

4 or more years of experience with cloud technologies and cloud deployments

Experience working with control frameworks such as HITRUST CSF, NIST CSF, NIST 800-53, CSA-CCM

Skilled at identifying security risks and exposures

Experience integrating Cyber Security technologies with existing technologies including cloud services

Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances

Excellent communication skills with the ability to influence others

Analytical and problem solving skills

Must be passionate about contributing to an organization focused on continuously improving consumer experiences

Role Desirables:

Strong knowledge of key compliance and IT frameworks such as: CSA-CCM, PCI, HITRUST, SOC1, SOC2, HIPAA, COBIT, ITIL.

Master’s Degree in Business Administration or Information Technology, preferred but not required

Professional certifications such as CISA, CISSP, CRISC, CGEIT, Cloud certifications such as CCSP, CCSK, CSP-based certifications) preferred.

Ability to interpret and understand business needs and convey such issues to information security teams.

Data Analytics or Data Visualization experience a plus

Six Sigma Experience

DC or Louisville KY location preferred, remote eligible(not Covid remote only)

Scheduled Weekly Hours40About UsMission: At Humana, our cultural foundation is aligned to helping members achieve their best health by delivering personalized, simplified, whole-person healthcare experiences. Recognizing healthcare needs continue to evolve for each person, for each family and for each community, Humana continuously creates innovative solutions and resources that help people live their healthiest lives on their terms –when and where they need it. Our employees are at the heart of making this happen and that’s why we are dedicated to building an organization of dynamic talent whose experience and passion center on putting the customer first. Equal Opportunity EmployerIt is our policy to recruit, hire, train, and promote people without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity or expression, disability, or veteran status, except where age, sex, or physical status is a bona fide occupational qualification. View the EEO is the Law poster.If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact mailboxtasrecruit@humana.com for assistance.Humana Safety and SecurityHumana will never ask, nor require a candidate provide money for work equipment and network access during the application process. If you become aware of any instances where you as a candidate are asked to provide information and do not believe it is a legitimate request from Humana or affiliate, please contact mailboxtasrecruit@humana.com to validate the request.California ResidentsIf you are a California resident and would like to review our California Consumer Privacy Act (CCPA) Policy click here:CA Resident Privacy Policy