CVS Health is hiring a Sr Analyst, Security Risk Management (Issues/Vulnerability Management) to join our Corporate Functions & Pharmacy Consumer Wellness (PCW) IT Compliance Team. This role provides critical support and oversight for our Vulnerability Management program, focusing on governance, process support, and program expansion.
What You'll Do
- Provide oversight of Issues Management and related workflows.
- Manage GRC and executive approval workflows, maintain status, and handle data entry.
- Support application teams with processes and procedures in the Vulnerability Management space.
- Participate in expanding the Vulnerability Management program and support new, emerging VM compliance frameworks.
- Interact closely with the internal team, domain leads, application teams, and security teams as a lead resource governing risk associated with Vulnerability Management control standards.
- Assist with entry of Findings and provide application team support in the Issues Management compliance domain area.
- Provide general guidance and support to application teams, maintaining line of sight into status, issues, priorities, and timelines.
- Deliver proactive, timely, targeted communications, alerts, and escalations to maintain awareness and minimize risk.
- Maintain key files and data sources for compliance reporting with high levels of data quality, consistency, and integrity.
What We're Looking For
- 3-5 years of experience in IT Application Management, Issues Management, Vulnerability Management, Project/Program Management, Information Security, or a related field.
- Strong problem-solving, analytical, critical thinking, and organizational skills with the ability to handle concurrent high-priority tasks.
- Excellent oral and written communication skills to clearly articulate complex problems and solutions to both technical and non-technical stakeholders.
- Self-motivated with the ability to work independently, prioritize work effectively, and thrive in a dynamic environment.
- Experience working with large-scale application portfolios and teams across various functional IT and business areas.
- Experience providing executive-level status and driving issues to closure.
- Intermediate to advanced proficiency in MS Excel (pivot tables, lookups, etc.).
- Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent work experience (HS diploma + 3 years relevant experience).
Nice to Have
- Experience with RSA Archer / GRC, ServiceNow, or similar IT risk and compliance tools.
- Knowledge of IT security regulations and frameworks such as PCI, HIPAA, SOX, SOC1, SOC2, GDPR, NIST, ISO 27001, and COBIT.
- Security certifications such as CRISC, CISSP, CIAM, CISA, CISM, or CCSP.
- Ongoing education in cybersecurity, information security, or related domains.
Technical Stack
- MS Excel
- RSA Archer / GRC
- ServiceNow
Team & Environment
You will be a key member of the Corporate Functions & Pharmacy Consumer Wellness (PCW) IT Compliance Team.
Benefits & Compensation
- Compensation Range: $79,310.00 - $158,620.00
- Affordable medical plan options
- 401(k) plan with matching company contributions
- Employee stock purchase plan
- No-cost wellness programs, screenings, tobacco cessation, weight management, counseling, and financial coaching
- Paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, and retiree medical access
CVS Health is an equal opportunity employer. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
