Technology Control Testing Principal

Profile

Description

Humana is a Fortune 40 market leader in integrated healthcare whose dream is to help people achieve lifelong well-being. As a company focused on the health and well-being of the people we serve, Humana starts from within, and is committed to providing progressive benefits that advance the employment experience and vitality of the associate community. Through offerings anchored in a whole-person view of human well-being, Humana embraces a focus on stimulating positive individual and population changes while nurturing a sense of security, enabling people to live life fully and be their most productive.

Against that backdrop, we are seeking a talented and accomplished technology professional for the newly-created position of Technology Control Testing Principal - a position that resides in the Technology Cyber and Risk Management area of our Corporate IT organization. The Principal will be responsible for standing up a new IT functional capability that will focus on identifying and testing controls used to support both cyber and operational workflows and their associated risks, as well as performing risk analysis and identifying gaps in operational processes. This new function will touch every aspect of the IT domain and will extend into other areas such as Enterprise Risk Management, Compliance, and others. This is a highly complex role that requires significant past experience establishing and leading an enterprise technology control testing function at a large organization.

The Principal will report directly to the Director, IT Compliance and IOP Management and can be based anywhere in the lower 48 states.

Responsibilities

Key Responsibilities

Performing Control / Risk Assessments and walkthroughs

Establishing a 12 and 24 month technology control evaluation planning workflow

Establishing key control testing workflows, templates, and procedures

Developing and maintaining trusted and collaborative relationships with key peers and leaders across Information Technology teams

Maintaining communication and collaborative partnerships with Enterprise Risk Management (ERM), Cyber Risk Management, and Internal Audit teams

Making decisions independently and proactively empower associates to drive change

Operating in in an 'Agile' environment

Leading talent management and culture efforts, associate training, development, and engagement

Encouraging innovation, evaluation, and implementation of cutting-edge technologies, inclusion, outside-of-the-box thinking, teamwork, self-organization, and diversity

Key Candidate Qualifications

In general terms, the successful candidate will have extensive experience (typically 10 years) leading an IT Risk Management or IT Control Management function in a large corporation (i.e., Fortune 250). Ideally, this will include building such a function from the ground up. He/she will have a successful track record in facilitating and consulting across teams and managing projects and proven ability to perform risk analysis and the identification and surfacing of gaps in operational processes. A Bachelor's degree is required, as are CISA and CRISC certifications. Although not required, a Master's degree and CISM or CGEIT certifications will be highly desirable.

In addition to the above, the following technical qualifications and personal attributes are also sought:

Strong focus on attention to detail and documentation skills

Exceptional influencing skills that combine a highly collaborative mindset with the ability to stand firm in the face of resistance from diverse stakeholders and SMEs, and win their co-ownership in the outcomes.

Strong business/organizational acumen with a deep understanding of the interconnectedness that exists between diverse areas and the downstream and upstream impacts that may result from actions that are taken

Excellent oral and written communications skills, including experience in presenting complex findings to senior executives up to and including a CIO; the polish, poise, and executive presence that will ensure effective interaction with senior and executive level audiences

Familiarity with industry technology control frameworks such as NIST, COBIT, and ITIL.

Understanding of Three Lines of Defense model

Ability to operate in ambiguity and navigate complex technology interdependencies

Previous Humana IT experience

Experience with Enterprise Solution Point (ESP)

Experience with ServiceNow (Incident Management, Change Enablement, and CMDB modules)

Scheduled Weekly Hours

40

Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our https://www.humana.com/legal/accessibility-resources?source=Humana_Website.

Company info

Humana Inc.
Website : http://www.humana.com