Lead Director - Third Party Security, Assessment Operations

CVS Health

Remote

Quick summary

  • Work type: Remote
  • Location: Remote
  • Salary: $144,200–$288,400 / yr
  • Posted: 6 days ago
  • Closes: Jul 6, 2026

Market check

Salary context

Above market

How this pay compares to similar roles

[Chart: pay range for similar roles, $127k to $306k, with the band where most similar roles pay shaded; similar roles $200k, this role $216k.]

This role pays more than 66% of similar roles. Most pay $163,900–$235,475 — the shaded band above. At the midpoint, this role pays about $216k versus about $200k for comparable roles.

Based on 239 similar postings.

Employer

About CVS Health

CVS Health is a leading American healthcare company operating retail pharmacies, pharmacy benefit management services, and a health insurance segment through Aetna, one of the nation's largest health insurers.

Industry: Healthcare & Pharmacy

CVS Health currently has 407 open roles on FindRole.

Listed pay typically runs $118,450–$284,280 across 133 roles with salary data.

At a glance

TL;DR · Lead Director - Third Party Security, Assessment Operations

The Lead Director of Third-Party Security Assessment & Risk Operations is a senior leadership role within an organization's security team, responsible for safeguarding the enterprise by ensuring third parties meet stringent security standards. This position involves leading the end-to-end lifecycle of third-party security assessments, identifying risks early and implementing effective mitigation strategies. The director will build and advance a scalable risk-based assessment program, partnering with Procurement, Legal, Compliance, and business units to embed security into vendor lifecycles. Key responsibilities include managing a high-performing team, conducting detailed control testing, and ensuring regulatory compliance across various frameworks like HIPAA and PCI-DSS. The role requires extensive experience in information security, risk management, and leading Third Party Security Risk programs at enterprise scale, along with proficiency in GRC tooling and AI-based solutions to enhance operational efficiency.

What you'll do

  • Own and continuously mature the enterprise Third Party Security program.
  • Direct staff in developing and maintaining security assessment practices for third parties.
  • Lead detailed control testing, regulatory audit scenarios, and compliance validation activities.
  • Develop risk-based remediation strategies from assessment findings and lessons learned.
  • Ensure organizational adherence to local, national, and international regulatory requirements.
  • Serve as a trusted advisor on third party cyber security matters to senior executives.
  • Define and monitor KPIs and KRIs to measure program effectiveness and drive improvement.

What we're looking for

  • Over 10 years of progressive Information Security experience in risk management, architecture, and engineering.
  • At least 7 years of leadership experience managing security professionals in direct and matrixed structures.
  • Proven track record of building and leading Third Party Security Risk programs at enterprise scale for over 5 years.
  • Extensive experience (5+ years) in detailed control testing, regulatory audits, and compliance assessments.
  • Demonstrated ability to implement security controls within third-party environments supporting large enterprises.
  • Strong communication skills with the ability to translate technical risk into business language for non-technical audiences.
