VP Segment and Product Security

Job InformationHumanaVP, Segment and Product SecurityinWashingtonDistrict Of ColumbiaDescriptionAs a direct report to the Chief Information Security Officer (CISO), the VP of Segment and Product Security is responsible for defining the strategy for product and data security, supporting all Humana business segments. The successful candidate will provide thought leadership to Enterprise Information Protection leadership team to mature the security program at Humana.ResponsibilitiesResponsibilities include, but are not limited to:Manage the Business Information Security Officers (BISO) program to identify, assess, consult on, and manage security risks for each segmentImplement Segment specific security scorecardsWork closely with Segment CIOs and Segment ORMs to manage security risksRecommend and drive implementation of security servicesWork with Technology Risk and ERM (Enterprise Risk Management) on risk management practicesAct as the conduit between Segment aligned IT and Business teams and Enterprise Information ProtectionLead the product/application security capabilities, with product security architects and engineersWork closely with Application Engineering teams to enable security-by-design principles in product lifecycle with least friction, upholding security requirementsExpand security advocacy program with strong threat mindset in product/application engineering teamsEnhance DevSecOps capabilities, to enable Agile development practicesCreate and maintain baseline Architectural Security Assessments (ASA) for most critical segment(s) products/applicationsWork with Security Architecture on product security design patterns and blueprints, to be fed into Enterprise reference architectureLead the data protection capabilities, with data protection architects and engineersLead the requirements for data protection capabilitiesWork with Enterprise and Security Architecture teams to select technologies that meet business requirementsWork closely with Data Governance Office, to provide and accept requirements that improve organizational data risk postureEngineer policies for data loss prevention (DLP) across all channels including web, email and networkMaintain strong actionable metrics for all functions, BISO, Product Security and Data Protection, with clear KRIs (Key Risk Indicators) and KPIs (Key Performance Indicators)Required Qualifications:Bachelor's degree15 years of technical leadership experience in Information Security (strongly preferred) or Information Technology10 years of people leadership experienceDemonstrated knowledge of threat modeling and architectural product security fundamentalsIn-depth knowledge of security compliance, technology, and risk best practicesAbility to influence peers and leadershipStrong verbal and communication skillsAdditional InformationIncumbent should be located in the Washington, DC area of the United StatesRequires travel as business needs dictateWork-At-Home Requirements, if applicable: Must have the ability to provide a high-speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense. A minimum standard speed for optimal performance of 25x10 (25mbps download x 10mbps upload) is required. Satellite and Wireless Internet service is NOT allowed for this role. A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA informationCOVID Policy: We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve. Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.Scheduled Weekly Hours40

#J-18808-Ljbffr