Information Security 3rd Party Risk Assessment

POSITION SUMMARY The Third Party Risk Analyst will work with Aetna and third party resources to drive the cyber security maturity of Aetna's third parties. This position is accountable for identification and remediation of risks identified through Aetna's assessment and continuous monitoring of third parties. The position will manage, monitor, and coordinate third party risk activities for assigned business portfolios. Fundamental Components: Aetnas Third Party Risk Governance team must work directly with Aetna business lines and third party contacts to ensure the appropriate protection of sensitive data. In this role, the successful candidate must have the ability to collaborate and drive resolutions. The successful candidate will find themselves in an environment that recognizes and supports the need to drive change across Aetnas third party portfolio. Candidates should demonstrate: Ability to directly or indirectly work with business lines, subject matter experts and other constituents to ensure understanding of key security controls for use of third parties. Work with third parties to implement key security controls in accordance with Aetna Global Security strategy and vision for protection of sensitive data. Build and maintains positive relationships with management, team members, and stakeholders across Aetna using effective written and oral communication practices. Possess the ability to influence others using program knowledge, negotiation methods, and be able to overcome objections. Possess a foundational understanding of common technology architectures. Will be able to credibly understand high level system architecture and data flow diagrams for the purpose of identifying gaps in disclosure and risk identification. Demonstrate knowledge of key regulatory risks and controls for assigned business lines. Understanding of HIPAA/HITECH required, Sarbanes-Oxley and PCI desired. Ability to effectively communicate complex Cyber Security issues to non-technical audiences Proven track record of driving programs, project, or issues to completion BACKGROUND/EXPERIENCE desired: Qualifications Basic Qualifications: Bachelor's degree, or equivalent work experience Five to seven years of applicable experience Third party (vendor) risk management experience Excellent verbal and written communication skills Strong project management and strategic planning skills Technology development and/or Applications/Operational support experience Software applications proficiency in RSA Archer and MS Office Suite Demonstrable ability to recognize the relevance of risk trends, issues and potential risk exposure Desired: Understanding of Cyber Security frameworks such as NIST or ISO 27001 Understanding of Risk Management (framework knowledge such as COSO, COBIT, NIST RMF, etc) EDUCATION The highest level of education desired for candidates in this position is a Bachelor's degree or equivalent experience. ADDITIONAL JOB INFORMATION Aetna is about more than just doing a job. This is our opportunity to re-shape healthcare for America and across the globe. We are developing solutions to improve the quality and affordability of healthcare. What we do will benefit generations to come. We care about each other, our customers and our communities. We are inspired to make a difference, and we are committed to integrity and excellence.
Salary Range: NA
Minimum Qualification
5 - 7 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

IS Information Security Specialist I
Philadelphia, PA Children's Hospital of Philadelphia
Information Security Engineer
Mechanicsburg, PA Select Medical Corporation