Aetna Information Security - 3rd Party Risk Assessment in Cranberry, Pennsylvania
Req ID: 51251BR
The Third Party Risk Analyst will work with Aetna and third party resources to drive the cyber security maturity of Aetna's third parties. This position is accountable for identification and remediation of risks identified through Aetna's assessment and continuous monitoring of third parties. The position will manage, monitor, and coordinate third party risk activities for assigned business portfolios.
Aetnas Third Party Risk Governance team must work directly with Aetna business lines and third party contacts to ensure the appropriate protection of sensitive data. In this role, the successful candidate must have the ability to collaborate and drive resolutions. The successful candidate will find themselves in an environment that recognizes and supports the need to drive change across Aetnas third party portfolio. Candidates should demonstrate:
Ability to directly or indirectly work with business lines, subject matter experts and other constituents to ensure understanding of key security controls for use of third parties.
Work with third parties to implement key security controls in accordance with Aetna Global Security strategy and vision for protection of sensitive data.
Build and maintains positive relationships with management, team members, and stakeholders across Aetna using effective written and oral communication practices. Possess the ability to influence others using program knowledge, negotiation methods, and be able to overcome objections.
Possess a foundational understanding of common technology architectures. Will be able to credibly understand high level system architecture and data flow diagrams for the purpose of identifying gaps in disclosure and risk identification.
Demonstrate knowledge of key regulatory risks and controls for assigned business lines. Understanding of HIPAA/HITECH required, Sarbanes-Oxley and PCI desired.
Ability to effectively communicate complex Cyber Security issues to non-technical audiences
Proven track record of driving programs, project, or issues to completion
Qualifications Basic Qualifications:
Bachelor's degree, or equivalent work experience
Five to seven years of applicable experience
Third party (vendor) risk management experience
Excellent verbal and written communication skills
Strong project management and strategic planning skills
Technology development and/or Applications/Operational support experience
Software applications proficiency in RSA Archer and MS Office Suite
Demonstrable ability to recognize the relevance of risk trends, issues and potential risk exposure
Understanding of Cyber Security frameworks such as NIST or ISO 27001
Understanding of Risk Management (framework knowledge such as COSO, COBIT, NIST RMF, etc)
The highest level of education desired for candidates in this position is a Bachelor's degree or equivalent experience.
ADDITIONAL JOB INFORMATION
Aetna is about more than just doing a job. This is our opportunity to re-shape healthcare for America and across the globe. We are developing solutions to improve the quality and affordability of healthcare. What we do will benefit generations to come.
We care about each other, our customers and our communities. We are inspired to make a difference, and we are committed to integrity and excellence.
Together we will empower people to live healthier lives.
Aetna is an equal opportunity & affirmative action employer. All qualified applicants will receive consideration for employment regardless of personal characteristics or status. We take affirmative action to recruit, select and develop women, people of color, veterans and individuals with disabilities.
We are a company built on excellence. We have a culture that values growth, achievement and diversity and a workplace where your voice can be heard.
Benefit eligibility may vary by position. Click here to review the benefits associated with this position.
Aetna takes our candidate's data privacy seriously. At no time will any Aetna recruiter or employee request any financial or personal information (Social Security Number, Credit card information for direct deposit, etc.) from you via e-mail. Any requests for information will be discussed prior and will be conducted through a secure website provided by the recruiter. Should you be asked for such information, please notify us immediately.
Job Function: Information Technology