Job Information
Humana
VP, Segment and Product Security
in
Washington, District Of Columbia
Description
As a direct report to the Chief Information Security Officer (CISO), the VP of Segment and Product Security is responsible for defining the strategy for product and data security, supporting all Humana business segments. The successful candidate will provide thought leadership to the Enterprise Information Protection leadership team to mature the security program at Humana.
Responsibilities
Responsibilities include, but are not limited to:
- Manage the Business Information Security Officers (BISO) program to identify, assess, consult on, and manage security risks for each segment.
- Implement Segment specific security scorecards.
- Work closely with Segment CIOs and Segment ORMs to manage security risks.
- Recommend and drive implementation of security services.
- Work with Technology Risk and ERM (Enterprise Risk Management) on risk management practices.
- Act as the conduit between Segment aligned IT and Business teams and Enterprise Information Protection.
- Lead the product/application security capabilities, with product security architects and engineers.
- Work closely with Application Engineering teams to enable security-by-design principles in product lifecycle with least friction, upholding security requirements.
- Expand security advocacy program with strong threat mindset in product/application engineering teams.
- Enhance DevSecOps capabilities, to enable Agile development practices.
- Create and maintain baseline Architectural Security Assessments (ASA) for most critical segment(s) products/applications.
- Work with Security Architecture on product security design patterns and blueprints, to be fed into Enterprise reference architecture.
- Lead the data protection capabilities, with data protection architects and engineers.
- Lead the requirements for data protection capabilities.
- Work with Enterprise and Security Architecture teams to select technologies that meet business requirements.
- Work closely with Data Governance Office, to provide and accept requirements that improve organizational data risk posture.
- Engineer policies for data loss prevention (DLP) across all channels including web, email, and network.
- Maintain strong actionable metrics for all functions, BISO, Product Security, and Data Protection, with clear KRIs (Key Risk Indicators) and KPIs (Key Performance Indicators).
Required Qualifications:
Bachelor's degree
15 years of technical leadership experience in Information Security (strongly preferred) or Information Technology
10 years of people leadership experience
Demonstrated knowledge of threat modeling and architectural product security fundamentals
In-depth knowledge of security compliance, technology, and risk best practices
Ability to influence peers and leadership
Strong verbal and communication skills
Additional Information
Incumbent should be located in the Washington, DC area of the United States.
Requires travel as business needs dictate.
Work-At-Home Requirements, if applicable: Must have the ability to provide a high-speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense. A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required. Satellite and Wireless Internet service is NOT allowed for this role. A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.
COVID Policy: We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve. Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.
Scheduled Weekly Hours
40
#J-18808-Ljbffr
