IT Compliance Professional

Become a part of our caring community and help us put health first

Do you thrive on rethinking routine? Do you crave identifying areas of opportunity to strengthen a company’s cybersecurity posture? Humana is looking for an experienced IT Compliance professional to join our Governance, Risk, and Compliance (GRC) team. In this role, you will enhance GRC processes, identify areas for improvement, and promote best practices across the organization. You will help shape Humana’s risk culture, strengthen Security Governance, and support accountability for security practices.

This position provides the opportunity to influence cybersecurity at a Fortune 40 company and support the ongoing advancement of our security program.

• Independently conduct comprehensive audits and assessments on complex new and existing information systems applications to ensure that appropriate controls exist, that processing is efficient and accurate, and that information systems procedures are in compliance with corporate standards, industry best standards, and contractual requirements.
• Apply in-depth knowledge and skills to develop and analyze metrics (Key Performance Indicators, Key Risk Indicators, etc.) and trend reports that monitor control effectiveness and compliance maturity over time.
• Proactively address problems and regularly make technical recommendations by drawing from prior experiences or knowledge of best practices to improve processes, tools that can impact multiple functions.
• Determine methods, priorities, and timelines to orchestrate cross-functional risk assessments, identify control gaps and risks in information systems, and coordinate with stakeholders to recommend, drive, and monitor remediation.
• Working with enterprise-wide IT partners to advise and ensure adherence to compliance requirements throughout system implementations and enhancements, influencing design and execution to meet regulatory, organizational standards and strategy.
• Address technical architectural and design configurations issues by applying sound judgment and discretion, interpreting policies, and determining appropriate methods, priorities, and approaches to work.
• Ensure compliance with federal and state laws, HIPAA Security Rule, DoD, VA, and TRICARE regulations and Humana’s technology practices.
• Cultivate and maintain strategic partnerships with essential stakeholders in Third Party Risk Management to track and advise on risk remediation of vendors and subcontractors.
• Manage and track the remediation of application security vulnerabilities and penetration testing findings, ensuring all issues are addressed efficiently from initial identification through to final resolution.
• Proactively conduct thorough IT audits and assessments against established compliance frameworks, identifying areas for process improvement to ensure organizational readiness for future departmental and business opportunities.
• Manage all aspects of external audit activities, including preparation, auditor coordination, evidence management, and remediation tracking.
• Support the AI governance effort and perform formal assessments against the NIST AI Risk Management Framework of AI use cases to identify, evaluate, and manage the mitigation of ethical, security, and compliance risks.

• Our Department of Defense contract requires U.S. citizenship for this position.
• Successfully receive interim approval for government security clearance (NBIS – National Background Investigation).
• 4 or more years of technical experience.
• 4 or more years of Governance, Risk and Compliance and audit management experience.
• 3 or more years of experience developing Objectives and Key Results (OKRs) and/or Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• 1 or more years of Artificial Intelligence Governance experience.
• Working knowledge in HIPAA Security Rule, FedRAMP, cloud platforms, NIST AI Risk Management Framework and integrating compliance requirements with new and existing technologies.
• Dynamic communication, collaboration, and conflict management skills to establish and maintain…