At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
Who You Are
- Extensive experience in cybersecurity risk management with a proven track record of identifying, assessing, and mitigating risks across complex environments.
- Deep technical expertise in Microsoft Security tools, CrowdStrike, Splunk, Google Chronicle, and other SOC technologies.
- Proven ability to develop and execute cybersecurity risk strategies that align with business objectives.
- Strong leadership skills with experience managing and mentoring risk management teams, fostering a collaborative and high-performance culture.
- Excellent communication skills for engaging with senior management and translating technical risks into actionable business insights.
- Experience with AI and automation to enhance risk detection and mitigation practices.
- Proficiency in evaluating and optimizing security tool stacks to reduce costs while enhancing risk detection and remediation.
- Strong analytical and problem-solving skills with the ability to make data-driven decisions.
- In-depth understanding of regulatory requirements and compliance frameworks (e.g., PCI DSS, NIST, ISO 27001).
- Lead the strategic planning for the organization's cybersecurity risk management roadmap, ensuring alignment with business objectives.
- Develop and enforce risk management policies, standards, and processes for Microsoft Security tools, CrowdStrike, Splunk, Google Chronicle, and other SOC platforms.
- Conduct comprehensive risk assessments to identify vulnerabilities and recommend mitigation strategies.
- Evaluate and rationalize the current security tool stack to reduce costs and improve risk detection and response capabilities.
- Oversee risk assessments for systems, applications, and third-party vendors to identify and manage cybersecurity risks.
- Implement and optimize SIEM solutions (e.g., Splunk, Google Chronicle) and EDR platforms (e.g., CrowdStrike) to enhance risk detection and mitigation.
- Establish KPIs and metrics to measure the effectiveness of risk management practices.
- Leverage AI and automation to enhance risk detection, response, and overall efficiency of risk management processes.
- Work closely with IT, cloud, and infrastructure teams to integrate risk management practices into security tools and processes.
- Act as a senior advisor, providing guidance on risk management strategies and best practices.
- Lead initiatives to explore and implement new risk management technologies and automation solutions.
- Encourage a culture of continuous learning and improvement within the risk management team.
- 7+ years of experience in cybersecurity risk management.
- 5+ years of experience in a people management role.
- 5+ years of hands-on experience with Microsoft Security tools, CrowdStrike, Splunk, and Google Chronicle.
- 5+ years of experience implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
- 5+ years of experience in leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes.
- 3+ years of demonstrated experience in managing and leading high-performance security teams, showcasing strong organizational navigation skills and the ability to inspire, challenge, and support team members towards achieving personal and organizational goals.
- Certifications preferred: CISSP, CRISC, CISM, or equivalent.
- Strong technical expertise and experience with cloud security across AWS, Azure, and GCP.
- Proven ability to assess and rationalize security tools effectively, balancing cost, performance, and coverage.
- Experience in contract management and negotiations with security vendors.
- Proven ability to translate technical risks into business terms for stakeholders.
- Experience with direct, remote, and virtual teams.
- Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
- Leverage AI and automation to streamline risk detection, incident response, and vulnerability management processes.
- Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
- Experience in influencing industry security standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization.
- Proven ability to foster a collaborative team environment, encouraging cross-functional teamwork and knowledge sharing to solve complex security challenges.
- Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience).
The typical pay range for this role is: $130,295.00 - $260,590.00
This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
Great benefits for great people
We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:
- Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
- No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
- Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.