Manager, Information Security

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.Position Summary

The IT Compliance Manager position plays a vital role in our Retail & Care Delivery Division. In this role, you will be primarily responsible for the evaluation, execution and continuous tracking, monitoring and reporting of IT internal (Internal Audit, Privacy, Etc.) and external (Regulatory & Client Contractual) audit/assessment activities, focused on supporting our Application Owners who are responsible for maintaining security, system, application and operational compliance with CVS Health IT/Security/Privacy policies, control standards and procedures.

Additional responsibilities include working with Application Owners and other DDAT teams to ensure compliance with Company policies/control standards specific to File Integrity Monitoring (FIM) and Logging & Monitoring.Responsibilities:

• Lead the management of daily, monthly, quarterly, annual, etc. activities associated with FIM, ensuring Application Owners remain in compliance
• Support our Application Owners as an additional POC with numerous audit/assessment activities by scheduling internal walkthroughs, attending audit/assessment sessions, guiding with responses and evidence and where applicable, collaborate with any discovered audit observations or findings, and ensure Management Action Plans with remediation timelines are appropriate and can be realistically met
• Provide status on operational items (i.e. evidence requests, audit finding remediation, daily/quarterly/annual reviews) in established reporting system
• Create/maintain job aids, guides, standard operating procedures, as needed
• Continually collaborate with Enterprise teams to create efficiencies wherever possible

Required Qualifications

• 5+ years of relevant Information Security Audit and/or IT Compliance roles
• Experience working with audit teams, providing management with status on potential audit findings as well as driving those findings to closure
• Demonstrated ability to work independently to manage personal workload
• Demonstrated ability to handle concurrent high priority tasks and work in dynamic environment of security/compliance discoveries daily
• Familiarity with Security domains such as: Identity Access Management, Vulnerability Management, File Integrity Management, code scanning
• Solid analytical skills to define complex business processes or resolve complex business issues

Preferred Qualifications

• Knowledge of IT security-related regulations such as HIPAA, HITRUST, SOX, PCI, ISO-27002, etc.
• Knowledge of IT security and compliance best practices and theory
• Knowledge of an evidence/issue tracking system such as AuditBoard or Archer
• Security certifications such as CISSP, CISA, CRISC, CISM, etc.
• Familiarity with the processes for the design, development, testing and implementation of application software
• Experience as a System (Unix, Windows, Mainframe) or Network administrator, specifically regarding best practices for security and compliance.

Education

• Bachelor's degree in Information Security/IT Compliance or related field - or equivalent experience in Information Security Audit and/or IT Compliance roles

Anticipated Weekly Hours
40Time Type
Full timePay Range

The typical pay range for this role is:$83,430.00 - $222,480.00This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.Great benefits for great peopleWe take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.

For more information, visit https://jobs.cvshealth.com/us/en/benefitsWe anticipate the application window for this opening will close on: 09/30/2025Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.

Client-provided location(s): Nashville, TN

Job ID: CVS-R0708171_1026

Employment Type: OTHER

Posted: 2025-09-10T19:31:56