Resp & Qualifications
PURPOSE:
Reporting to the Director, Cybersecurity Governance, the Manager, Cybersecurity Risk Management plays a critical role in leading the cybersecurity risk management function and its supporting processes to ensure alignment with industry best practices and regulatory requirements, including HIPAA, NIST and PCI-DSS standards. The manager will lead the employees of the Cybersecurity Risk Management team, who are highly skilled cybersecurity, technology, and risk management professionals with a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results in their areas of expertise. The ideal candidate will be an experienced risk professional with strong knowledge of various risk domains (e.g., technology / cybersecurity), industry, and regulatory trends who can think strategically and has a proven track record of positively influencing stakeholders at all levels of the organization.
ESSENTIAL FUNCTIONS:
Leads a team to develop comprehensive risk assessments to identify, assess, and prioritize cybersecurity risks that include innovative risk mitigation strategies with product and business teams.
Manages subordinate staff members in the day-to-day operations of cybersecurity risk management while communicating with technical and non-technical stakeholders and leaders on cybersecurity risk management topics and program-specific reporting.
Develops and maintains key performance indicators (KPIs) and metrics to measure the effectiveness of the cybersecurity risk management program.
Partners with key technical and business stakeholders (e.g., Procurement, Legal, etc.) in managing the third-party security risk program.
Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards.
Monitors trends to ensure organizational efficiency and alignment with the overall cybersecurity mission, vision, and strategy.
SUPERVISORY RESPONSIBILITY:
This position manages people.
QUALIFICATIONS:
Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Licenses/Certifications
Certified Information Security Manager (CISM) Upon Hire Preferred.
Certified Information Systems Auditor (CISA) Upon Hire Preferred.
CompTIA Advanced Security Practitioner (CASP) Upon Hire Preferred.
Certified in Risk and Information Systems Control (CRISC) Upon Hire Preferred.
Certified Information Systems Security Professional (CISSP) Upon Hire Preferred.
Experience: 5 years Related professional experience. 1 year Supervisory experience or demonstrated progressive leadership experience.
Preferred Qualifications:
Candidate should have knowledge and / or experience in the following domains:
Quantitative Risk Analysis (FAIR)
Regulatory Compliance (HIPAA, PCI, GDPR, etc.)
Governance, Risk, and Compliance (GRC) Tools and Frameworks
Information Security Risk Management
NIST Risk Management Framework
Knowledge, Skills and Abilities (KSAs)
Ability to multitask and manage multiple IT vendor relationships.
Ability to lead and work as part of a team.
Ability to execute technology and tool automation processes.
Deep knowledge of risk treatment and mitigation strategies.
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity.
Thorough understanding of cyber threats and vulnerabilities.
Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.
Salary Range: $137,920 - $256,014
Salary Range Disclaimer
Salary will be based on education, location, experience, certifications, etc. In addition to your salary, CareFirst offers benefits such as a comprehensive benefits package, incentive and recognition programs, and 401k contribution (all benefits are subject to eligibility requirements).
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Where To Apply
Please visit our website to apply:
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
PHYSICAL DEMANDS:
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship