Key Responsibilities
Program & Project Leadership
Lead and deliver large-scale, complex IT and security initiatives, managing scope, schedule, risk, and dependencies.
Successfully manage projects using Waterfall, Agile, and hybrid methodologies, selecting the appropriate approach based on scope, risk, and organizational needs.
Create and manage Epics, Features, and User Stories, ensuring alignment with portfolio objectives, security initiatives, and delivery roadmaps.
Provide regular executive, stakeholder, and governance reporting, including status, risks, decisions, and outcomes.
Acquisition Security Integration & Risk Management
Cloud, application, and endpoint security
Incident, change, and configuration management
Data classification and encryption
Phishing training and campaigns
Telecom, domain, website, and third-party security
Malware prevention, key and certificate management
Secure print, NAC, mobile device security, and endpoint protection
In collaboration with Cyber Security teams, lead acquired entities through enterprise security onboarding across 36 security control categories, ensuring seamless integration and compliance with corporate security standards. Platforms include Asset Management, Endpoint Detection and Response (EDR), Application Security, Privileged Access Management, Secure File Sharing, Cloud Security, IT Service Management, Security Information and Event Management (SIEM), Web Security and Content Delivery, Security Operations Center (SOC), Data Loss Prevention (DLP), and Vulnerability Management.
Collaborate with Security Audit, Risk, and GRC teams to review acquisition risk assessments and plan remediation for findings related to:
- HIPAA compliance
- Penetration testing
- NIST Cybersecurity Framework (CSF) assessments
- CrowdStrike compromise assessments
- Company Minimum Necessary access policy requirements
Remediation, Audit & Evidence Management
Manage acquisition and technical teams through remediation implementation, ensuring timely resolution of findings.
Lead the initial collection, review, validation, and presentation of security evidence to Security Auditors, maintaining audit readiness and documentation accuracy.
Ensure remediation efforts are properly tracked, governed, and transitioned to operations.
Governance, Change & Compliance
Support risk governance by documenting and submitting change requests to the Change Review Committee (CRC).
Represent and present proposed changes to governance boards and executive stakeholders for approval.
Ensure all solutions comply with security, privacy, regulatory, and company policy requirements.
Incident Response, BC/DR & Operational Readiness
Collaborate with acquisition teams, threat monitoring/SOC, and Legal to document and obtain approval for incident response plans to be executed during security events.
Collaborate with Business Continuity and Disaster Recovery (BC/DR) teams to document acquisition specific continuity and recovery plans, ensuring preparedness for operational, cyber, or infrastructure incidents.
Support postimplementation reviews and ensure smooth transition to operational teams.
Secure SDLC & Security Awareness
Work with development teams to create, document, and obtain approval for a Systems Development Life Cycle (SDLC) aligned with company and security standards.
Ensure all acquisition employees complete required Security Awareness, Secure Coding, and Phishing training, with proper tracking and evidence for audit and compliance purposes.
Required Qualifications
Bachelor's degree in information technology, Computer Science, Business, or related field OR equivalent professional experience.
8–10+ years of progressive IT project management experience, including leading enterprise scale initiatives.
5+ years of experience managing projects involving security, risk, compliance, acquisitions, workflow platforms, or infrastructure systems.
Strong understanding of:
- Enterprise security controls and frameworks
- Storage architectures (SAN, NAS, cloud storage)
- Understanding of Cloud environments
- Workflow automation and systems integration
Proven experience managing cross functional, geographically distributed teams.
Excellent communication, leadership, documentation, and stakeholder management skills.
Preferred Qualifications
Project Management certification preferred: PMP and/or PMI-ACP.
Experience with cloud, hybrid, or digital transformation initiatives.
Experience operating in regulated environments (HIPAA, SOC, NIST, or similar).
Familiarity with IT service management, operational readiness, and audit processes.
Experience supporting M&A activity, including acquisition of security onboarding and remediation programs.
Additional Information
Location/Work Style: Remote OK
Why Humana?
At Humana, we know your well-being is important to you, and it’s important to us too. That’s why we’re committed to making resources available to you that will enable you to become happier, healthier, and more productive in all areas of your life. Just to name a few:
Work-Life Balance
Generous PTO package
Health benefits effective day 1
Annual Incentive Plan
401K - Excellent company match
Well-being program
Paid Volunteer Time Off
If you share our passion for helping people, we likely have the right place for you at Humana.
Work at Home Guidance
To ensure Home or Hybrid Home/Office associates’ ability to work effectively, the self-provided internet service of Home or Hybrid Home/Office associates must meet the following criteria:
At minimum, a download speed of 25 Mbps and an upload speed of 10 Mbps is recommended; wireless, wired cable or DSL connection is suggested
Satellite, cellular and microwave connection can be used only if approved by leadership
Associates who live and work from Home in the state of California, Illinois, Montana, or South Dakota will be provided a bi-weekly payment for their internet expense.
Humana will provide Home or Hybrid Home/Office associates with telephone equipment appropriate to meet the business requirements for their position/job.
Work from a dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
SSN Alert Statement
Humana values personal identity protection. Please be aware that applicants may be asked to provide their Social Security Number, if it is not already on file. When required, an email will be sent from Humana@myworkday.com with instructions on how to add the information into your official application on Humana’s secure website.
Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.Scheduled Weekly Hours
40Pay Range
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
Description of Benefits
Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
Equal Opportunity Employer
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.