Director Third Party Cyber Risk Management

Profile

Job Information

Humana

Director, Third Party Cyber Risk Management

in

Louisville

Kentucky

Description

The Director, Third Party Cyber Management will provide strategic direction to and manage a team of risk professionals in ensuring world-class management of Humana's cyber vendor risk. This leader and their team will work closely with business and technology leaders across Humana to evaluate, monitor and mitigate risk introduced by third party vendors supporting these core business operations.

Responsibilities

Responsibilities include, but are not limited to:

establish and apply cutting edge vendor management practices to build a close working relationship with vendors and their leadership that promotes timely identification and mitigation of developing threats and security deficiencies

provide in-depth risk guidance to segment leadership

make recommendations to reduce the risk footprint introduced by third party services

set the strategic direction of a large team, and ensure the critical, high profile timelines and priorities are addressed

identify and implement new practices

ensure Humana cybersecurity requirements are appropriately addressed

ensure ongoing enhancements are made to Humana's Information Security Agreement

work collaboratively with Segment business areas, risk leaders, IT, and third parties to improve the overall ability to safeguard Humana and its' members data

effectively build and lead a team of risk, cyber, and vendor management experts

ensure overall execution of end-to-end third party risk assessments across multiple segments

work across all areas of security (architecture, pen testing, etc.) to ensure a cohesive security model from a technical and process perspective

monitor third party compliance (PCI, Offshore) with varying internal, regulatory, and state requirements

drive awareness and education of third party cybersecurity issues across the company

lead and consult with segment and IT leaders on ad hoc requests, RFP's, and special projects

review and analyze technologies, processes, documentation, and data to identify any gaps in the effectiveness of cybersecurity controls and operations that could have a direct negative impact to segment operations

help determine if/when to integrate emerging cybersecurity trends into the overall segment third party assessment strategy

Key Competencies

Accountability:

Meets established expectations and takes responsibility for achieving results; encourages others to do the same.

Collaborates:

Engages others by gathering multiple views and being open to diverse perspectives, focusing on a shared purpose that puts Humana's overall success first.

Customer Focus:

Connects meaningfully with customers to build emotional engagement and customer advocacy. Simplifies complexity and integrates internal efforts to deliver an optimal customer experience.

Acts Strategically

: Makes decisions and sets strategy based on the long-term vision, uses an enterprise-wide perspective to translate strategies into actions, inspires others to embrace and advance the strategy, and creates a clear view of the future state.

Interpersonal Effectiveness

: Understands oneself, effectively manages emotions, listens, and communicates with respect, and builds trusting relationships.

Leads Change:

Guides and energizes others, models adaptability, and inspires strong organizational performance through periods of transformation, ambiguity, and complexity.

Role Essentials

10 or more years' experience performing organizational IT audit and/or IT security risk assessments

Bachelor's Degree in Business, Information Technology, or a related field

Proficient understanding of - and experience with - audit, regulatory requirements and standards (SOC2, ISO, HITRUST), and other related standards and certification processes

Exceptional leadership skills, including an ability to grow and build teams

Broad industry, technology, and security knowledge including understanding of operations, technology, communications, and processes

Strong communication skills with the ability to interact with Associates at all levels of the organization

Negotiation skills - both with internal key stakeholders and external regulators and vendors

Influencing skills - ability to influence others at multiple organizational levels, to lead and work in a team environment; ability to lead collaborative efforts with user, development, business, and support groups

Strong ability to assess urgency and prioritization and make well informed decisions based upon situational circumstances

Excellent communication skills with the ability to influence others

Ability to travel up to 20% of the time

Role Desirables

Master's Degree in Computer Science, Information Technology, Information Security, or a related field

Industry Certifications: CISA, CISSP, HCISPP, CCSP, CISM, CTPRP, etc.

Additional Information

Incumbent can be remote, work-at-home, located anywhere across the US

Requires travel as business needs dictate, estimated to be 20% of the time, for periodic in-person or vendor meetings

Work-At-Home Requirements: Must have the ability to provide a high-speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense. A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required. Satellite and Wireless Internet service is NOT allowed for this role. A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

COVID Policy: We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve. Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.

Scheduled Weekly Hours

40

Company info

Humana Inc.
Website : http://www.humana.com