Humana Senior Cybersecurity Risk & Compliance Professional in Springfield, Missouri
The Senior CyberSecurity Policy and Standards Engineer evaluates, tests, recommends, develops, coordinates, monitors and maintains information systems (IT) and cyber security policies, procedures and systems, including access management for hardware, firmware and software. The Senior CyberSecurity Policy and Standards Engineer work assignments involve moderately complex to complex issues where the analysis of situations or data requires an in-depth evaluation of variable factors.
As the Senior Cybersecurity Risk & Compliance Professional at Author by Humana , you will be responsible for designing, communicating, implementing, and managing cross-functional Governance, Risk and Compliance (GRC) processes within Author. You will work with key leaders in Author's Operations, Health, Technology, Product & Experience, and Marketing teams as they deliver new capabilities that support evolving consumer needs. The ideal candidate has experience with GRC tools, securing cloud environments, and agile program delivery at the intersection of healthcare and technology. If you thrive in a fast-paced environment and get excited about shaping cybersecurity for a high-performing organization as it scales, we can't wait to meet you.
About Author by Humana
At Author by Humana, we don't wait for chances to make a difference, we create them. We launched a healthcare start-up with the backing of a Fortune 52 company to create a new healthcare experience that centers around customers, simplifies and personalizes care, and focuses on whole-person health.
We start by listening to really understand what matters most to seniors in their dynamic lives, evolving with them as their lives change. This new business concept, called 'Author,' exists to unlock seniors' potential to live healthy, vibrant lives on their terms.
Author is an initiative designed to improve the experiences and outcomes of Humana members. To achieve this, we have built a team of diverse leaders from across industry giants in tech, marketing, product, medicine, and healthcare as well as successful entrepreneurs who have founded and sold breakthrough companies. Together, we are excited to knock down barriers to health and be a catalyst so that people can live their best lives.
Consumers have come to expect personalized, seamless, and secure experiences in nearly all aspects of their daily life - how they stay connected, shop, book travel and manage their finances. Technology innovation has enabled these experiences. Consumers should expect, and will demand, the same personalized and secure experience for managing their health.
To meet new competitive challenges, better respond to consumer needs, reduce systemic friction points and to inspire a brighter future for healthcare in America, Humana has created a new business focused on the whole health needs of seniors. Associates in this new business segment (Author by Humana) are creating a customer-back experience designed to foster a trusting relationship with seniors to help them achieve their best health. Keeping information safe is key to maintaining that trust.
Author operates independently with a 'startup-like' mentality, and the enthusiastic support and backing of Humana and its board, with the goal of changing the healthcare industry from managing transactions to supporting a member's whole health.
We are seeking individuals who are passionate about solving big problems in healthcare for seniors and keeping their information safe as we do it. As a member of the Author team, you will have the opportunity to bring your 'A game' to work every day to improve the lives and health of the seniors we serve.
As the Senior Cybersecurity Risk & Compliance Professional, you will :
Maximize use of the ServiceNow IRM suite to facilitate effective GRC processes.
Minimize friction of cybersecurity GRC as we enable a safe journey for Author and the members who trust us.
Ensure that technology and cybersecurity architecture, designs, plans, controls, processes, standards, policies and procedures are aligned with standards and overall Author technology and cybersecurity goals.
Collaborate with various teams to achieve cybersecurity compliance goals in an agile cloud environment.
Consult with leaders as they manage cybersecurity risk to acceptable levels in their business processes.
Identify security risks and exposures, determine the causes of security risks and recommend procedures to prevent future challenges and improve security.
Develop techniques and procedures for conducting technology and cybersecurity risk and compliance assessments .
Evaluate and test hardware, software, and business processes for possible impact on risk posture, and investigate and resolve security events.
Develop and implement cybersecurity policies and take measures against intrusion, fraud, attacks or data loss.
Begin to influence strategy , including making decisions on complex issues regarding the secure approach to projects.
Promote awareness of cybersecurity risks to your Author colleagues.
Work without direction and exercise considerable latitude in determining objectives and approaches to assignments.
The successful candidate will:
Be self-directed, highly engaged, able to navigate through ambiguity.
Have demonstrated expertise in cybersecurity strategy development and execution in a fast-paced, cloud-first, internet-only business environment.
Leverage high EQ to build and maintain solid relationships with key business leaders and stakeholders.
Bring a broad set of experiences with cybersecurity, as you will be consulted for guidance on topics that are technical, non-technical, and everything in between.
During your first 100 days, you can expect to :
Learn about Author, a fresh, cloud-first organization whose mission is to knock down barriers to health and be a catalyst so that people can live their lives on their terms.
Meet your Author cybersecurity team, who seeks to provide modern protection capabilities to enable and empower agile, innovative and member-friendly business outcomes.
Familiarize with the GRC landscape at Author and Humana.
Gain a deep understanding of the technologies in place that support cybersecurity, particularly the GRC technology, where you will become the subject matter expert and risk administrator.
Make connections with key leaders and stakeholders in the business, especially the ones who act as control owners - key players in managing cyber risk.
Help control owners assess risk, develop controls and safeguards, and optimize processes.
Get to know Author's cybersecurity policies so you can apply them, interpret them for others, improve them, and create new policies when needed.
Understand Author's cybersecurity compliance efforts and requirements and facilitate compliance assessments.
This role may be a fit if you have:
5 or more years of information security experience
Experience with GRC processes in a highly regulated industry
Experience working with ServiceNow IRM or other GRC platforms
Experience integrating security policies, identity management and controls
Experience integrating cybersecurity technologies with existing technologies
Skill for identifying security risks and exposures, determining the causes of security violations and suggesting solutions to halt future events
Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances
Excellent communication skills with the ability to influence others
Analytical and problem-solving skills
Passion about contributing to an organization focused on continuously improving consumer experiences
It will also be helpful to have :
Master's Degree in Information Security, Computer Science, Information Technology or a related field
Certifications: CISSP, HCISPP, CCSP, CISA, CISM
Experience with cybersecurity risk and compliance management in cloud environments
How We Work:
We knock down barriers to health and are a catalyst so that people can live their best lives on their terms.
Build Trust: Our team is authentic, we are honest and transparent, and we make promises and then deliver on them. You can rely on us, always.
Embrace Positivity: We believe in the power of positive messages, positive emotions and positive relationships to motivate our teammates and our members to live their best lives.
Be Curious and Humble: We don't know everything. To deliver on our mission, we need to be intensely curious and open to challenging own assumptions about the world, the industry, the solution, and our own members' experiences.
Solve Problems with Creativity: We are especially skilled in navigating complexity, solving tough problems and making concepts real as we forge a new path in healthcare.
Elevate Others: We value the impact and contributions of our teammates and members. We are supportive leaders, collaborating and building relationships to enable others to reach their highest potential.
Value Diverse Perspectives: We value each individual for who they are and their unique skills. In building diverse teams and learning from the perspectives of others, we create more inclusive solutions.
Due to COVID-19, most of our associates are working from home. We have implemented a virtual hiring process and continue to interview candidates by phone and video and are onboarding new hires remotely. We value the safety of each member of our team because we know we are all in this together.
Location: Louisville, KY or Remote
Scheduled Weekly Hours