IT-Information Technology

Employment TYPE



Woonsocket, Rhode Island


April 12, 2019







Job# J484

Information Security Control Assurance Compliance

About The Opportunity

Security Control Assurance & Compliance Consultant

Job Description

  • The Consultant of Information Security Control Assurance & Compliance reports to the Senior Manager of Information Governance, Risk, and Control Assurance. This position is responsible for ensuring controls are operating as designed, meeting regulatory obligations, and mitigating risk to the CVS Health family of companies. They are charged with enforcing remediation and performing gap analysis to determine impact to existing security capabilities.
  • The role and responsibility of this position is to:
  • Identify and analyze gaps in desired outcomes, obligations, and compliance responsibilities;
  • Serve as a Trusted Advisor to stakeholders and business partners;
  • Participate in root cause analysis and the evaluation of the design of Information Security controls and processes, making recommendations for control improvement where necessary;
  • Develop and execute audit compliance plans while analyzing results with actionable recommendations and corrective action plans;
  • Provide detailed management level reporting and dashboards designed to demonstrate adherence against expected control outcomes, including compliance obligations;
  • Oversee remediation of identified gaps;
  • Engage with internal, external, and regulatory auditors;
  • Maintain business relationships with key stakeholders across CVS Health.

Required Skills

  • 5+ years of relevant Information Security experience.
  • Excellent communication and presentation skills.
  • Experience performing detailed control testing, including regulatory audit and compliance test scenarios.
  • Ability to function as part of an Information Security Controls Assessment or Compliance program.
  • Demonstrated ability to establish well defined procedures and appropriate mitigation strategies derived from risk analysis and lessons learned.
  • Strong organization and process management skills.
  • Bachelor's degree in Computer Science, Management Information Systems, Technology, or Business. MBA or Master's degree preferred.
  • Working towards a CISA, CISSP, CGEIT, or CRISC certification.
  • Experience in IT Audit or IT Compliance.
  • Experience with Information Security in a Pharmacy Benefits Management or Retail environment is a plus.
  • Working knowledge or expertise of regulatory and industry standards, including ISO, NIST, SOX, HIPAA, PCI-DSS, and HITRUST.
  • Experience and knowledge of industry certification or audit standards including AICPA, Verizon CRP, PCI-DSS, and Shared Assessments AUP.


6 + Months

Please contact me to discuss the hiring process!

Shaun Stewart

Sr. Executive Recruiter
Contact: (310) 929-8421 Ext: 102

Hi! My name is Shaun. I feel that our shortlisted candidates are the most valuable asset when it comes to recruitment. I make sure that I keep in mind the best interest of the candidate and find him/her a suitable job opening matching his/her profile. Not only this, I actively work with each of my candidates and keep them updated about the whole application process.