Executive Director, Security Technology Services

Job DescriptionThe Executive Director of Security Technology Services is a critical member of the Enterprise Information Security (EIS) organization, leading the Security Technology Services organization focused on delivering enterprise security solutions that spans vulnerability scanning and detection across infrastructure and software assets, endpoint and network security services, data protection that includes data loss prevention (DLP) and encryption services. This leader will partner closely with Information Technology (IT) infrastructure and application development teams as well as Enterprise Product and Digital organizations. The Executive Director will define strategic vision and roadmaps across accountable security services and technology, foster a culture of innovation to enable secure business solutions, drive operational excellence, optimize operating costs through technology rationalization and standardization and drive workforce strategy with an emphasis on talent development and retention.Primary Job Duties & Responsibilities:This role will lead teams accountable to:- Drive software security program governance, objectives, implement solutions, define standards and policies to continually advance enterprise secure software development; define secure system solutions to meet evolving threat landscape and risks while balancing developer experience.- Design and perform comprehensive penetration testing, dynamic application security testing as well as other relevant testing across web applications, internal and external network infrastructure, analyze findings, and report results. In addition, manage regulatory compliance, contractual obligation, and discretionary testing needs and make recommendations for improvement. - Strategize and architect infrastructure vulnerability scanning management services, define asset management requirements across on-premise and public cloud environments, continually enhance scanning capabilities.- Identify, design, consult on, and progress the implementation of next generation data loss prevention techniques leveraging technologies such as traditional DLP, CASB, Proxy, UBA, etc. to secure across on-premise and cloud environments.- Define endpoint and network security strategy and program objectives, define, and evaluate standards and policies, partner to implement solutions and monitor minimum security baseline compliance.- Ownership and management of associated security policies and control standards for accountable services.Required Qualifications 15+ years of steady career progression including senior level information technology and information security leadership experience ideally in a healthcare or critical infrastructure industry related environment. 10+ years of experience working with a wide range of internal and external stakeholders at all levels on strategic and operational information security programs. 5+ years of experience with a wide range of frameworks, regulations, and security technologies such as data and asset protection, identity and access management, security operations and vulnerability management. 8+ years of experience in making decisions through a combination of analysis, wisdom, experience, and judgment. 10+ years of building and leading teams. 5+ years of experience operating across large scale organization, with business stakeholders, at a rapid pace. 5+ years of Software Development Lifecycle and CI/CD pipeline security concepts and technologies. 5+ years of experience involving security vulnerability and remediation management procedures and reporting. 8+ years of applying critical thinking with exceptional verbal and written communication skills. 8+ years of experience of building trusted and transparent partnerships between technology, business and vendors. Understanding of public cloud concepts, preferably AWS, Azure & GCP Security Risk Analysis Procedures & Best Practices Continuous learner well informed on technology trends, methodologies, and models. Ability to manage a high degree of complexity and distill information that provides clear direction. Strong attention to detail and a focus on mobilizing the organization to deliver the strategy. Ability to motivate others with high expectations to facilitate impact and pace of change. Comfortable operating within areas of ambiguity to iterate and make progress in a consistent manner. Progressive track record leading change through a rapid period of transformation.COVID RequirementsCOVID-19 Vaccination RequirementCVS Health requires certain colleagues to be fully vaccinated against COVID-19 (including any booster shots if required), where allowable under the law, unless they are approved for a reasonable accommodation based on disability, medical condition, religious belief, or other legally recognized reasons that prevents them from being vaccinated. You are required to have received at least one COVID-19 shot prior to your first day of employment and to provide proof of your vaccination status or apply for a reasonable accommodation within the first 10 days of your employment. Please note that in some states and roles, you may be required to provide proof of full vaccination or an approved reasonable accommodation before you can begin to actively work.Preferred Qualifications Advanced Degree CISSP CertificationEducation Bachelor's DegreeBusiness OverviewBring your heart to CVS HealthEvery one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand - with heart at its center - our purpose sends a personal message that how we deliver our services is just as important as what we deliver.Our Heart At Work Behaviors support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

Created: 2025-11-01