5,925 International Security jobs in the United States

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
**Position Summary**
This role will create and use impactful metrics, reporting, and data visualizations to drive consistent messaging and effectively communicate the cybersecurity landscape and posture with various stakeholders. This position requires a blend of cybersecurity expertise and analytical skills to drive strategic discussions around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies post-deployment in the production environment. Identifies, assesses, analyzes security risks, scrutinizes potential vulnerabilities, and provides risk mitigation strategies to ensure compliance and adherence to information security standards for a seamless and secure integration.
+ Develop and implement SRO metrics and reporting standards of excellence for the organization.
+ Collect, analyze, and interpret large datasets to derive meaningful insights, trends, and patterns in cybersecurity metrics.
+ Create comprehensive reports and dashboards using data visualization tools to present key cybersecurity metrics to leadership and stakeholders.
**Required Qualifications**
+ 2+ years of metrics and reporting, data and analytics, dashboard visualization, cybersecurity, or related experience, including but not limited to: Metric development. Data collection and analysis, Reporting and visualization
+ Reporting and dashboard tool proficiency (e.g., Power BI, Tableau)
+ 2+ years of information security experience
+ 2+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
**Preferred Qualifications**
+ Industry leading reporting and data visualization tools
+ Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
+ Solid written and verbal communication skills
+ Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
+ Solid knowledge of Information Security policies and procedures
+ Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
+ Knowledge of current security threat and vulnerability trends
+ Understanding of cloud Security best practices and frameworks
**Education**
+ Bachelor's degree or equivalent experience.
**Anticipated Weekly Hours**
40
**Time Type**
Full time
**Pay Range**
The typical pay range for this role is:
$64,890.00 - $158,620.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
**Great benefits for great people**
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
+ **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** .
+ **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
+ **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit anticipate the application window for this opening will close on: 08/08/2025
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

Job Description

Hearst Technology, Inc, Information Security Office seeks a Manager, Information Security Risk Management. The Manager, Information Security Risk Management is responsible for assessing risk and managing risk information for the organization and key business units. This position assesses information security risk within essential technology functions, key business processes, documentation, and collaborates with key business leaders to assist in reducing risk and maturing the overall control environment. This position will also support Audit and Compliance functions within Hearst, focusing on PCI and HIPAA.

Team Alignment: Governance, Risk, and Compliance (GRC) Team. The GRC Team is multi-faceted and focuses on driving business value. Our mission is to establish an integrated program that ensures the overall effectiveness of capabilities that impact information security across business units globally.

• Perform security risk reviews, risk assessments and gap assessments on key business processes and new and existing technologies. Subsequently, work with various business units, as needed, to ensure controls are adequate, appropriate, and effective and that mitigation and remediation plans are in place.
• Maintain the IT risk register and risk dashboard keeping risks, and their response plans up to date; will be required to work with cross-functional teams and businesses.
• Prepare detailed recurring risk management reports with associated metrics.
• Support the implementation of a risk program including enhancing processes supporting accountability, exception requests, and overall risk reduction in accordance with NIST and COBIT Cybersecurity frameworks.
• Support vendor due-diligence process and help define overall third-party risk management efforts.
• Support risk-focused governance entities such as forums and steering committees.
• Support internal and external audit processes for relevant compliance areas including NIST CSF, NIST 800-53, PCI-DSS, HIPAA, SOX, and other external and internal requirements.
• Support key capabilities and processes across the GRC function in support of the Hearst Information Security Office using an Agile methodology approach to delivering work products and key services.
• Work collaboratively with regional and global partners in other functional units; ability to navigate a complex organization; to influence and lead people across cultures at a senior level. Collaboratively interface with global IT and business partners to provide guidance and support.
• Design and implement improvements in risk-related documentation.
• Other related duties as assigned.

Who You Are: As a mid-level position, comfort and experience with all aspects of governance, risk, and compliance is required.

Technical Skills

• Experience with IT governance, risk, and compliance management in a large global environment, while working with geographically dispersed, multidisciplinary teams.
• Experience conducting risk assessments and managing risk across departments and functions.
• Strong foundation in PCI and HIPAA compliance requirements and testing.
• Familiarity with an integrated risk management platform.
• Familiarity with security frameworks, particularly NIST and COBIT Cybersecurity Frameworks and HITRUST.
• Basic understanding and knowledge of technical fundamentals such as networking concepts, cloud computing, application development, and security best practices.
• Proficiency with Word, Excel, PowerPoint, JIRA, SharePoint.
• Experience with GRC and risk management platforms such as Prevalent and TruOps is desired.

Soft Skills

• Strong work ethic with attention to detail and demonstrated analytical abilities.
• Attention to detail, verbal and written communication, and initiative; able to apply constructive feedback to enhance managing risk.
• Strong presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging.
• Self-motivated with excellent planning and organizational skills; and the ability to prioritize tasks to meet deadlines and effectively manage changing priorities.
• Professional customer orientation with a strong commitment to providing a high standard of customer satisfaction.
• Ability to deliver client-ready documentation and participate in relevant client meetings; able to work across teams effectively and efficiently.
• Working understanding of project management principles, processes, and documentation.
• Ability to collaborate with internal and external stakeholders.

Qualifications

• Bachelor's Degree in Information Technology, Computer Science, or equivalent.
• Minimum 5 years of relevant experience in a risk management role with at least 2 years of practical experience in Audit and Compliance.
• Industry standard certification such as CISA, CRISC, CISM, ARM, CISSP, ISO 27001, ISO 27005 is desired.

About Us

Hearst is one of the nation's largest global, diversified information, services and media companies.

Hearst has been innovating for more than a century, leading with purpose, integrity and a culture of care, with a mission to inform audiences and improve lives.

The company's diverse portfolio includes global financial services leader Fitch Group; Hearst Health, a group of medical information and services businesses; Hearst Transportation, which includes CAMP Systems International, a major provider of software-as-a-service solutions for managing maintenance of jets and helicopters; ownership in cable television networks such as A&E, HISTORY, Lifetime and ESPN; 35 television stations; 24 daily and 52 weekly newspapers; digital services businesses; and more than 200 magazines around the world.

Hearst is always moving forward, investing in healthcare solutions to improve patient outcomes and technology that curbs emissions; providing vital analysis, data and software to the global financial services industry; delivering important service and investigative journalism; and inspiring audiences with sports and entertainment programming.

With a commitment to maintaining the highest quality in its products and services, Hearst is dedicated to serving the communities it operates in, both civically and philanthropically.

Hearst is an Equal Employment Opportunity employer. We do not discriminate in hiring on the basis of race, color, national origin, religion, creed, sex or gender, gender identity, gender expression, sexual orientation, age, physical or mental disability, military or veteran status, or any other characteristic protected by federal, state, or local law.

Summary:

The Meta Security team is responsible for improving the security posture of the software and services used throughout our company. Our work spans Facebook, Instagram, WhatsApp, Oculus, and all of the underlying systems and infrastructure that power these products behind the scenes.We are seeking a committed and experienced security engineer to join our Security Risk Management (SRM) team to help design and build solutions to:* Drive better understanding of security risk and enable investment decisions through automation, monitoring, and tracking of Meta's security tools, systems, and controls* Enable security and software engineers to seamlessly respond to requests to prove effective design and operation of security capabilities* Increase maturity of security capabilities through control improvements and redesign

Required Skills:

Security Engineer - Security Risk Management Responsibilities:

1. Work with a team of software, data, and security engineers that design, build, and own software solutions that scale high fidelity security risk contextualization, tracking, and reporting

2. Understand and influence evolution of security capabilities across various domains to scale and automate: a) monitoring the effectiveness, and b) increasing the maturity of those capabilities

3. Design and build solutions to scale managing and responding to risk management & compliance related requests

Minimum Qualifications:

Minimum Qualifications:

1. Bachelor's degree or equivalent experience in information security

2. 5+ years work experience securing enterprise-scale infrastructure software and services

3. 3-5+ years programming experience with at least one of the following languages: Python, PHP, Ruby, or similar scripting languages

4. Experience remediating infrastructure security gaps across broad corporate boundaries using influence and relationships

5. Experience with security control automation/monitoring or "compliance as code" implementations

6. Experience thinking critically and defending solutions with solid communications skills in a cross-functional setting to influence decision makers across all levels of technical background

Preferred Qualifications:

Preferred Qualifications:

1. Networking and system administration experience of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems

2. Experience influencing software engineers to build products meant to scale security solutions

3. Experience generating automated metrics to measure service and program effectiveness and consistency

4. Experience with common risk & compliance program activities (e.g., controls, risk, policy management)

Public Compensation:

$147,000/year to $208,000/year + bonus + equity + benefits

Industry: Internet

Equal Opportunity:

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.

Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at

Summary:

The Meta Security team is responsible for improving the security posture of the software and services used throughout our company. Our work spans Facebook, Instagram, WhatsApp, Oculus, and all of the underlying systems and infrastructure that power these products behind the scenes.We are seeking a committed and experienced security engineer to join our Security Risk Management (SRM) team to help design and build solutions to:* Drive better understanding of security risk and enable investment decisions through automation, monitoring, and tracking of Meta's security tools, systems, and controls* Enable security and software engineers to seamlessly respond to requests to prove effective design and operation of security capabilities* Increase maturity of security capabilities through control improvements and redesign

Required Skills:

Security Engineer - Security Risk Management Responsibilities:

1. Work with a team of software, data, and security engineers that design, build, and own software solutions that scale high fidelity security risk contextualization, tracking, and reporting

2. Understand and influence evolution of security capabilities across various domains to scale and automate: a) monitoring the effectiveness, and b) increasing the maturity of those capabilities

3. Design and build solutions to scale managing and responding to risk management & compliance related requests

Minimum Qualifications:

Minimum Qualifications:

1. Bachelor's degree or equivalent experience in information security

2. 5+ years work experience securing enterprise-scale infrastructure software and services

3. 3-5+ years programming experience with at least one of the following languages: Python, PHP, Ruby, or similar scripting languages

4. Experience remediating infrastructure security gaps across broad corporate boundaries using influence and relationships

5. Experience with security control automation/monitoring or "compliance as code" implementations

6. Experience thinking critically and defending solutions with solid communications skills in a cross-functional setting to influence decision makers across all levels of technical background

Preferred Qualifications:

Preferred Qualifications:

1. Networking and system administration experience of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems

2. Experience influencing software engineers to build products meant to scale security solutions

3. Experience generating automated metrics to measure service and program effectiveness and consistency

4. Experience with common risk & compliance program activities (e.g., controls, risk, policy management)

Public Compensation:

$147,000/year to $208,000/year + bonus + equity + benefits

Industry: Internet

Equal Opportunity:

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.

Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at