Enterprise Risk Management Lead

Profile

Description

The Lead, Information Technology & Data Governance Risk Oversight, identifies, analyzes, monitors and minimizes areas of risk that pertain to information technology and data governance. Coordinates closely with the Information/Cyber Security and Disaster Recovery Disciplines as well as the Data Governance Organization and key business stakeholders. The Lead, Information Technology & Data Governance Risk Oversight, works on problems of diverse scope and complexity ranging from moderate to substantial.

Responsibilities

The Lead is responsible for driving the strategy and risk management program development for the Data Governance & Information Technology risks. The Lead will conduct the required bi-annual top risk assessments as well as targeted risk assessments of key processes to identify potential gaps that may increase residual risk. This role will largely serve as a consultant to internal business partners to help advise on risk related to business decisions, process development, control improvement, and organizational changes. The Lead will also oversee mitigation activities to ensure effective completion and monitor overall control effectiveness. Additionally, the Lead is responsible for developing and managing key risk metrics and performance metrics to effectively monitor and report on the residual risk and provide transparency to senior leaders.

The Risk Management Lead works on problems of diverse scope and complexity ranging from moderate to substantial; exercises independent judgment and decision making on complex issues regarding job duties and related tasks, and works under minimal supervision. The Lead uses independent judgment requiring analysis of variable factors and determining the best course of action.

In this position, you will work closely with areas such as IT (architecture, infrastructure and operations), information security, privacy, data governance, vendor management, disaster recovery, compliance, and first line risk management teams


Independently oversees the IT and Data Governance operations risk management activities of the first line.
Partners with various levels of operational leaders and SMEs to understand strategy and approach to IT and Data Governance risk management.
Stays current on risk trends and emerging technologies.
Assesses IT and Data Governance operational risks to the company.
Evaluates processes and controls for design, operational effectiveness, and alignment to industry standard frameworks.
Advises and consults with business partners on IT and Data Governance risk management to help inform direction and decision making.
Performs cloud-focused IT and Data Governance risk assessments and reviews.
Consults and guides IT and business leaders on risk and control best practices associated with enabling operational capabilities in a cloud environment.
Ability to guide leaders on risks associated with migrating large enterprise legacy systems into a cloud environment.
Develops and reports metrics and associated indicators that provide transparency and measure drivers associated with IT and Data Governance risks. Makes reports and data visible to stakeholders and communicates to appropriate committees.
Ensures reporting accurately represents the risk environment.
Coordinates with privacy and compliance areas to help ensure applicable data protection requirements are implemented.
Partners with vendor risk management and business continuity teams to assess the cyber resiliency of our supply chain.
Develops and maintains GRC and analytic tooling to support and automate risk oversight capabilities.
Ensures that planned risk remediation activities are effectively implemented.
Credibly challenges first line practices regarding risk taking activities.


Required Qualifications


Bachelor's Degree or equivalent experience
8 years of related experience in Information Security, Information Assurance, Data Governance, Risk Management, Audit and/or Information Technology risk and controls
5 years in cloud computing technology roles
5 years of supervisory/management experience
3 or more year of Information Technology/Security assessment, audit, or compliance experience
2 or more years of project leadership experience
Experience communicating and collaborating with operational and senior leaders
Experience driving process improvement and measuring progress
Must be passionate about contributing to an organization focused on continuously improving customer experiences


Preferred Skills & Experience


2 years of leadership experience
Experience in IT operational roles aligned to benefit/value enablement, program and project delivery, or operations and service delivery
Experience evaluating technology strategies and risk management plans
Skilled in one or multiple cloud platforms and technology roles
Experience with Cloud Security Alliance (CSA) Cloud Controls Matrix and associated domains
Familiarity with the NIST Cloud Computing Reference Architecture and associated standards
Direct experience performing cloud, IT, and/or risk reviews and audits
Experience with data breach response processes
Skilled at identifying information security and technology risks and exposures, determines the causes of deficiencies and suggests procedures to halt future incidents and improve security
Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances
Ability maintain perspective as to the organization's broader risk posture while focusing on individual risks/issues
Excellent communication skills with the ability to influence others
Highly developed analytical and problem solving skills
Experience with business/data analytics and technology solutions necessary to manage and perform data analytics
Understanding of data protection and privacy regulatory environment and requirements
Experience developing and maintaining GRC technology capabilities supporting a standardized approach to Enterprise Risk Management


Humana Vaccination Statement

Humana and its subsidiaries require vaccinated associates who work outside of their home to submit proof of vaccination, including COVID-19 boosters. Associates who remain unvaccinated must either undergo weekly negative COVID testing OR wear a mask at all times while in a Humana facility or while working in the field.

Work-At-Home Requirements


WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.

A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.

Satellite and Wireless Internet service is NOT allowed for this role.

A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information


#LI - EL1

#LI - Remote

Scheduled Weekly Hours

40

Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our ****

Company info

Sign Up Now - FinancialServicesCrossing.com