Senior Manager, Infrastructure Security Services

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.

As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.

Job Overview:

The Senior Manager of Infrastructure Security Services is responsible for leading and managing the organization's security initiatives related to infrastructure services, ensuring the integrity, confidentiality, and availability of critical IT systems. This includes overseeing security operations for data centers, network infrastructure, cloud environments, endpoints, and enterprise applications.

The Senior Manager will be responsible for maintaining a comprehensive infrastructure security program, aligning with business objectives while ensuring compliance with relevant regulations and industry standards. This individual will collaborate with key stakeholders across IT, compliance, and business units to design, implement, and maintain security frameworks, tools, and policies.

Key Responsibilities:

Strategic Leadership & Direction:

• Lead the strategy, and execution of infrastructure security services, ensuring alignment with the organization's overall security program and business objectives.
• Manage and grow a high-performing team of infrastructure security professionals, providing mentorship, guidance, and leadership in the execution of security initiatives.
• Develop and drive security policies, procedures, and best practices for securing critical infrastructure components including networks, servers, cloud services, and endpoints.

Infrastructure Security Architecture & Implementation:

• Design and implement security architecture frameworks for enterprise infrastructure, ensuring they are scalable, robust, and resilient to potential threats.
• Oversee the evaluation, selection, and deployment of infrastructure security tools and technologies (e.g., firewalls, intrusion detection systems, encryption solutions, endpoint protection).

Risk Management & Compliance:

• Conduct regular risk assessments and vulnerability assessments to identify, evaluate, and mitigate security risks in the infrastructure environment.
• Ensure infrastructure security is compliant with industry standards (e.g., NIST, ISO 27001) and relevant regulatory requirements (e.g., GDPR, PCI, HIPAA, HITRUST, SOX).
• Collaborate with compliance and audit teams to ensure infrastructure security settings, policies and practices meet regulatory and organizational requirements.

Incident Response & Security Monitoring:

• Oversee infrastructure-related security incidents, including identifying, responding to, and recovering from security breaches or vulnerabilities.
• Ensure proactive monitoring and alerting of critical infrastructure components, identifying potential threats and mitigating risks in real time.
• Lead post-incident reviews to identify root causes, recommend improvements, and implement preventive measures.

Collaboration & Cross-Functional Leadership:

• Collaborate closely with IT operations, cloud, network, and development teams to integrate security into infrastructure provisioning, automation, and deployment processes.
• Work with other cybersecurity leaders to ensure comprehensive protection across all IT domains, from network to endpoint to cloud.
• Serve as a liaison with external vendors, regulatory bodies, and auditors to ensure the security of infrastructure services and systems.

Cloud Security & Hybrid Environments:

• Lead the implementation of security practices for cloud-based infrastructure (e.g., AWS, Azure, Google Cloud Platform) in a hybrid or multi-cloud environment.
• Ensure secure configurations and continuous monitoring of cloud resources, with a focus on access controls, encryption, and incident response.
• Evaluate and implement cloud-native security services and tools to enhance visibility and protection of cloud workloads.

Documentation & Reporting:

• Develop and maintain detailed documentation for security processes, policies, and system architectures related to infrastructure security.
• Provide regular updates to senior leadership on the state of infrastructure security, including risk assessments, incident reports, and security performance metrics.

Required Qualifications:

• 7+ years of hands-one experience in Infrastructure and/or Cybersecurity Technologies
• 7+ years of experience managing highly technical teams within large scale environments
• 5+ years of experience managing internal and external security audits

Education:

• Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience)

Pay Range

The typical pay range for this role is:

$130,295.00 - $260,590.00

This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program.

Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.

Great benefits for great people

We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.

For more information, visit ;br>
We anticipate the application window for this opening will close on: 07/16/2025

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.