Lead Director, Infrastructure Security Services

Job DescriptionCVS Health is leading the industry in transforming Healthcare as we know it today. Are you ready for an exciting new opportunity?We are look for a fully remote Lead Director of Security Technology, Infrastructure Security Services. This is a critical member of the Enterprise Information Security (EIS) organization, focused on delivering enterprise security solutions that spans endpoint and network security services; this would include overseeing endpoint minimum security baseline control standards and detection and response (EDR) strategy, Web Application firewall and network security policies. Scope of responsibility spans on-premise and cloud infrastructure, which includes both physical and virtual instances, in addition to mobile devices. This leader will partner closely with Information Technology (IT) infrastructure organization to define and implemented needed defense capabilities. The Lead Director will define strategic vision and roadmaps across accountable security services and technology, foster a culture of innovation to enable secure business solutions, drive operational excellence, optimize operating costs through technology rationalization and standardization and drive workforce strategy with an emphasis on talent development and retention.This role will lead teams accountable to: Define security program objectives, implement systems, and evaluate standards and policies to protect enterprise infrastructure. Establish continuous compliance monitoring and reporting against defined minimum security baseline standards and identify configuration drift. Lead and design innovative approaches to ensure proper security controls are applied to corporate assets; this includes endpoint protection, network security and database monitoring. Jointly implement secure system capabilities to meet evolving threat landscape and risks while balancing user experience with functional requirements. Partner with security engineering team to jointly define roadmaps and implement security solutions. Work with key stakeholders to understand risk drivers and capability requirements, assess the various security technologies deployed, identify synergies between endpoint controls, and ultimately provides direction on strategic technology solutions. Represent endpoint security interests during security incidents, including coordinating with Incident Response teams and ensuring that appropriate remediation actions are performed (as needed). Ownership and management of associated security policies and control standards for accountable services.Pay RangeThe typical pay range for this role is:Minimum: 100,000Maximum: 221,000Please keep in mind that this range represents the pay range for all positions in the job grade within which this position falls. The actual salary offer will take into account a wide range of factors, including location.Required QualificationsBachelor's Degree10+ years of related experience, with 8+ years in a leadership role.8+ years of Network and Endpoint security technologies experience required.This role will lead teams accountable to: Define security program objectives, implement systems, and evaluate standards and policies to protect enterprise infrastructure. Establish continuous compliance monitoring and reporting against defined minimum security baseline standards and identify configuration drift. Lead and design innovative approaches to ensure proper security controls are applied to corporate assets; this includes endpoint protection, network security and database monitoring. Jointly implement secure system capabilities to meet evolving threat landscape and risks while balancing user experience with functional requirements. Partner with security engineering team to jointly define roadmaps and implement security solutions. Work with key stakeholders to understand risk drivers and capability requirements, assess the various security technologies deployed, identify synergies between endpoint controls, and ultimately provides direction on strategic technology solutions. Represent endpoint security interests during security incidents, including coordinating with Incident Response teams and ensuring that appropriate remediation actions are performed (as needed). Ownership and management of associated security policies and control standards for accountable services.COVID RequirementsCOVID-19 Vaccination RequirementCVS Health requires certain colleagues to be fully vaccinated against COVID-19 (including any booster shots if required), where allowable under the law, unless they are approved for a reasonable accommodation based on disability, medical condition, religious belief, or other legally recognized reasons that prevents them from being vaccinated. You are required to have received at least one COVID-19 shot prior to your first day of employment and to provide proof of your vaccination status or apply for a reasonable accommodation within the first 10 days of your employment. Please note that in some states and roles, you may be required to provide proof of full vaccination or an approved reasonable accommodation before you can begin to actively work.Preferred Qualifications CISSP Certification Master’s Degree Understanding of public cloud concepts, preferably AWS, Azure & GCP Security Risk Analysis Procedures & Best Practices Continuous learner well informed on technology trends, methodologies, and models. Ability to manage a high degree of complexity and distill information that provides clear direction. Strong attention to detail and a focus on mobilizing the organization to deliver the strategy. Ability to motivate others with high expectations to facilitate impact and pace of change. Agility to deal with a constantly changing business environments. Comfortable operating within areas of ambiguity to iterate and make progress in a consistent manner. Drive change across an organization while building a strong morale and culture. Fosters collaborative decision-making processes that deliver results and exceed expectations.EducationBachelor's degree or the additional equivalent experience required.Business OverviewBring your heart to CVS HealthEvery one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver.Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.