Information Technology Risk Oversight Lead

Profile

Job Information

Humana

Information Technology Risk Oversight Lead

in

Anchorage

Alaska

Description

The Lead, Information Technology Risk Oversight, identifies, analyzes, monitors and minimizes areas of risk that pertain to information technology. Coordinates closely with the Information/Cyber Security and Disaster Recovery Disciplines. The Lead, Information Technology Risk Oversight, works on problems of diverse scope and complexity ranging from moderate to substantial.

Responsibilities

The Lead, Information Technology Risk Oversight, helps to ensure that IT and cyber architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with industry and regulatory IT standards and overall IT and cyber needs of the business. Identifies IT and cyber risks and exposures, determines the causes of deficiencies and suggests procedures to halt future incidents and improve security and reliability. Develops techniques and procedures for conducting IT and cyber consulting, risk assessments and compliance audits, the testing for possible impact on system security and resiliency, and the investigation and resolution of IT and cyber incidents. Advises executives to develop functional strategies on matters of significance. Exercises independent judgment and decision making on complex issues regarding job duties and related tasks, and works under minimal supervision. Uses independent judgment requiring analysis of variable factors and determining the best course of action.

In this position, you will work closely with areas such as IT (architecture, infrastructure and operations), information protection, data governance, vendor management, disaster recovery, compliance, and first line risk management teams

Independently oversees the IT operations risk management activities of the first line.

Partners with various levels of operational leaders and SMEs to understand strategy and approach to IT risk management.

Stays current on IT risk trends and emerging technologies.

Assesses IT operational risks to the company.

Evaluates processes and controls for design, operational effectiveness, and alignment to industry standard frameworks.

Advises and consults with business partners on IT risk management to help inform direction and decision making.

Performs cloud-focused IT risk assessments and reviews.

Consults and guides IT leaders on risk and control best practices associated with enabling operational capabilities in a cloud environment.

Ability to guide leaders on risks associated with migrating large enterprise legacy systems into a cloud environment.

Develops and reports metrics and associated indicators that provide transparency and measure drivers associated with IT risks. Makes reports and data visible to stakeholders and communicates to appropriate committees.

Ensures reporting accurately represents the risk environment.

Coordinates with data privacy and compliance areas to help ensure applicable data protection requirements are implemented.

Partners with vendor risk management and business continuity teams to assess the cyber resiliency of our supply chain.

Develops and maintains GRC and analytic tooling to support and automate risk oversight capabilities.

Ensures that planned risk remediation activities are effectively implemented.

Credibly challenges first line practices regarding risk taking activities.

Required Qualifications

Bachelor's Degree or equivalent

8 years of related experience in Information Security, Information Assurance, Risk Management, Audit and/or Information Technology risk and controls

5 years in cloud computing technology roles

5 years of supervisory/management experience

3 or more year of Information Security assessment, audit or compliance experience

2 or more years of project leadership experience

Required Skills & Experience

Experience in IT operational roles aligned to benefit/value enablement, program and project delivery, or operations and service delivery

Skilled in one or multiple cloud platforms and technology roles

Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances

Ability maintain perspective as to the organization's broader risk posture while focusing on individual risks/issues

Skilled at identifying information technology and security risks and exposures

Direct experience performing cloud, IT, and/or risk reviews and audits

Excellent communication skills with the ability to influence others

Highly developed analytical and problem solving skills

Experience creating and evaluating risk management plans

Preferred Skills & Experience

Experience with Cloud Security Alliance (CSA) Cloud Security Matrix and associated domains

Familiarity with the NIST Cloud Computing Reference Architecture and associated standards

Experience with business/data analytics and technology solutions necessary to manage and perform data analytics

Understanding of cyber regulatory environment and requirements

Experience developing and maintaining GRC technology capabilities supporting a standardized approach to Enterprise Risk Management

Additional Information

For this job, associates are required to be fully COVID vaccinated or undergo weekly COVID testing and wear a face covering while at work. The weekly testing will need to be done through an approved Humana vendor, and unvaccinated associates should follow all social distancing and masking protocols if they are required to come into a Humana facility or work outside of their home. We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve.

If progressed to offer, you will be required to:

Provide proof of full vaccination OR

Commit to weekly testing, following all CDC protocols, OR

Provide documentation for a medical or religious exemption consideration.

This policy will not supersede state or local laws. Requests for these exemptions should be submitted at least 2 weeks prior to your scheduled first day of work.

Scheduled Weekly Hours

40

Company info

Humana Inc.
Website : http://www.humana.com