VP Segment and Product Security

Job InformationHumanaVP, Segment and Product SecurityinBethesda, MarylandDescriptionAs a direct report to the Chief Information Security Officer (CISO), the VP of Segment and Product Security is responsible for defining the strategy for product and data security, supporting all Humana business segments. The successful candidate will provide thought leadership to the Enterprise Information Protection leadership team to mature the security program at Humana.ResponsibilitiesResponsibilities include, but are not limited to:Manage the Business Information Security Officers (BISO) program to identify, assess, consult on, and manage security risks for each segment.Implement Segment specific security scorecards.Work closely with Segment CIOs and Segment ORMs to manage security risks.Recommend and drive implementation of security services.Work with Technology Risk and ERM (Enterprise Risk Management) on risk management practices.Act as the conduit between Segment aligned IT and Business teams and Enterprise Information Protection.Lead the product/application security capabilities, with product security architects and engineers.Work closely with Application Engineering teams to enable security-by-design principles in product lifecycle with least friction, upholding security requirements.Expand security advocacy program with strong threat mindset in product/application engineering teams.Enhance DevSecOps capabilities, to enable Agile development practices.Create and maintain baseline Architectural Security Assessments (ASA) for most critical segment(s) products/applications.Work with Security Architecture on product security design patterns and blueprints, to be fed into Enterprise reference architecture.Lead the data protection capabilities, with data protection architects and engineers.Lead the requirements for data protection capabilities.Work with Enterprise and Security Architecture teams to select technologies that meet business requirements.Work closely with Data Governance Office, to provide and accept requirements that improve organizational data risk posture.Engineer policies for data loss prevention (DLP) across all channels including web, email and network.Maintain strong actionable metrics for all functions, BISO, Product Security and Data Protection, with clear KRIs (Key Risk Indicators) and KPIs (Key Performance Indicators).Required Qualifications:Bachelor's degree15 years of technical leadership experience in Information Security (strongly preferred) or Information Technology10 years of people leadership experienceDemonstrated knowledge of threat modeling and architectural product security fundamentalsIn-depth knowledge of security compliance, technology, and risk best practicesAbility to influence peers and leadershipStrong verbal and communication skillsAdditional InformationIncumbent can be located anywhere across the United States.Requires travel as business needs dictate.Work-At-Home Requirements: Must have the ability to provide a high-speed DSL or cable modem for a home office. Associates or contractors who live and work from home in California will be provided payment for their internet expense. A minimum standard speed for optimal performance of 25x10 (25mbps download x 10mbps upload) is required. Satellite and Wireless Internet service is NOT allowed for this role. A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.COVID Policy:We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve. Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.Scheduled Weekly Hours40Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services.

#J-18808-Ljbffr