View All Jobs/Careers

Job Information

Aetna Third Party Cyber Risk Advisor in Denver, Colorado

Req ID: 65187BR

Job Description

The Third Party Cyber Risk Analyst will work with CVS Health/Aetna and third party resources to drive the cyber security maturity of our third parties. This position is accountable for identification and remediation of risks identified through Aetna's assessment and continuous monitoring of third parties. The position will manage, monitor, and coordinate third party risk activities for assigned business portfolios.

Fundamental Components included but are not limited to:

Aetna s Third Party Risk Governance team must work directly with Aetna business lines and third party contacts to ensure the appropriate protection of sensitive data. In this role, the successful candidate must have the ability to collaborate and drive resolutions. The successful candidate will find themselves in an environment that recognizes and supports the need to drive change across Aetna s third party portfolio. Candidates should demonstrate:

  • Ability to directly or indirectly work with business lines, subject matter experts and other constituents to ensure understanding of key security controls for use of third parties.

  • Work with third parties to implement key security controls in accordance with Aetna Global Security strategy and vision for protection of sensitive data.

  • Build and maintains positive relationships with management, team members, and stakeholders across Aetna using effective written and oral communication practices. Possess the ability to influence others using program knowledge, negotiation methods, and be able to overcome objections.

  • Possess a foundational understanding of common technology architectures. Will be able to credibly understand high level system architecture and data flow diagrams for the purpose of identifying gaps in disclosure and risk identification.

  • Demonstrate knowledge of key regulatory risks and controls for assigned business lines. Understanding of HIPAA/HITECH required, Sarbanes-Oxley and PCI desired.

  • Ability to effectively communicate complex Cyber Security issues to non-technical audiences

  • Proven track record of driving programs, project, or issues to completion

Qualifications Requirements and Preferences:

Qualifications Basic Qualifications:

  • Bachelor's degree, or equivalent work experience

  • Five to seven years of applicable experience

  • Third party (vendor) risk management experience

  • Excellent verbal and written communication skills

  • Strong project management and strategic planning skills

  • Technology development and/or Applications/Operational support experience

  • Software applications proficiency in RSA Archer and MS Office Suite

  • Demonstrable ability to recognize the relevance of risk trends, issues and potential risk exposure


  • Understanding of Cyber Security frameworks such as NIST or ISO 27001

  • Understanding of Risk Management (framework knowledge such as COSO, COBIT, NIST RMF, etc)

Functional Skills:

Information Technology - Security

Technology Experience:

System Management - Information Security Management

Additional Job Information:

  • Business Focus - Discuss third parties, risks, and controls specific to business areas

  • Strong Communication - Builds and maintains positive relationships with management, team members, and stakeholders across CVS Health using effective written and oral communication practices. This position will foster collaboration internally across the enterprise while drawing in diverse groups to share ideas, information, and resources to strengthen the program. This position will also be responsible for building cooperation and trust between departments and other groups. In this position, one will be able to influence others using program knowledge, negotiation methods, and is able to overcome objections which lead to consensus among constituents.

Benefit Eligibility

Benefit eligibility may vary by position. Click here to review the benefits associated with this position.

Job Function: Information Technology

Aetna is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veterans status.