What are the responsibilities and job description for the Digital Security Product Manager position at CVS Health?
Job Description
Within CVS Health Digital, the security of our customer data and the applications we develop for them is paramount to our success. Security becomes a burden when it comes too late in the development cycle. At CVS Health Digital, we strive to shift security left into the hands of our developers to build secure applications. We do this by integrating security controls into our existing CICD pipelines and by building foundational security components that abstract the complexity and simplify integration into the various application teams across Digital.
A critical responsibility of a Digital Security Product Owner is to understand the common software security challenges within the organization, and to come up with operational procedures and security solutions the respective application teams can use to ensure we ship secure products. You will be responsible for identifying key metrics that measure success and that provide insights into to identify security areas the need focus. As a key security stakeholder within the Digital organization, the security product owner’s primary objective is to make security easy for developers, engineers, product managers, and security teams alike while most importantly ensuring Digital applications are secure by design.
Key responsibilities:
• Collaborate with stakeholders (including Scrum Teams & Values Streams) on feature requests around Security Compliance items to assess priority, value, and development cost
• Define and communicate the security backlog and strategy for SAFe teams and trains
• Understand internal customer needs to define short term and long-term product direction
• Decompose high-level requirements into user stories and tasks, manage and prioritize the product backlog, participate in scrums and meta-scrums, and validate delivered solution designs
• Understands, assesses and critiques the architecture proposed by the application architecture team and ensures the scrum team delivery is aligned to the solution’s mission
• Communicate security backlog and vision effectively to colleagues and Digital leadership
• Perform industry research as necessary to support feature development
• Partner with engineering teams to define, track and test user stories in an agile software development life-cycle
• Provide security product subject matter expertise and leadership
• Work with product management to track schedule against the roadmap and escalate risks/issues
• Explore new market space developments, and evaluating / understanding competitive tools
• Collaborate with the engineering team to prioritize security features and scan related findings and facilitate determining the best technical solutions.
Skills/Competencies
• Ensure product and security stakeholders’ needs and expectations are met
• Promote transparency by helping communicate through SAFe/SCRUM practices
• Collaborate with external vendors on requirements definition and feature development
• Ability to research competitive market solutions that strengthens security posture
• Collaboration with architecture, development, and design teams
• Start-up mentality and desire to innovate at a fast pace
• Passion for securing healthcare products
• Strong critical thinker who makes balanced, insightful decisions
• Ability to thrive in a fully SAFe-Agile development environment
• Maintain strong relationships across key stakeholders and constituents
• Engaging and concise speaking and presentation skills
Benefit Overview: For more information on our benefit programs, please visit https://jobs.cvshealth.com/benefits-cvs-health/
Pay Range
The typical pay range for this role is:
Minimum: 90,000
Maximum: 180,000
Please keep in mind that this range represents the pay range for all positions in the job grade within which this position falls. The actual salary offer will take into account a wide range of factors, including location.
Required Qualifications
• 3 years of product experience
• 1 year of experience with researching, designing, building, and deploying new security solutions and or improving the security of existing solutions within the security software development lifecycle
• 2 years of experience with various security tools: SAST, DAST, Container scans, SCA
• 2 years of experience security testing (pentests, API tests, Web Security Tests, BOT tests)
• 2 years of experience with DevSecOps concepts in agile environments
Preferred Qualifications
• Product Manager / Owner certification
• SANS GIAC, CISSP and related security certifications
• Preferred Locations: New York, New Jersey, Boston, Dallas, Atlanta
• Remote Flexible
Education
Bachelor's Degree or equivalent work experience
Business Overview
Bring your heart to CVS Health Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver. Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.
Within CVS Health Digital, the security of our customer data and the applications we develop for them is paramount to our success. Security becomes a burden when it comes too late in the development cycle. At CVS Health Digital, we strive to shift security left into the hands of our developers to build secure applications. We do this by integrating security controls into our existing CICD pipelines and by building foundational security components that abstract the complexity and simplify integration into the various application teams across Digital.
A critical responsibility of a Digital Security Product Owner is to understand the common software security challenges within the organization, and to come up with operational procedures and security solutions the respective application teams can use to ensure we ship secure products. You will be responsible for identifying key metrics that measure success and that provide insights into to identify security areas the need focus. As a key security stakeholder within the Digital organization, the security product owner’s primary objective is to make security easy for developers, engineers, product managers, and security teams alike while most importantly ensuring Digital applications are secure by design.
Key responsibilities:
• Collaborate with stakeholders (including Scrum Teams & Values Streams) on feature requests around Security Compliance items to assess priority, value, and development cost
• Define and communicate the security backlog and strategy for SAFe teams and trains
• Understand internal customer needs to define short term and long-term product direction
• Decompose high-level requirements into user stories and tasks, manage and prioritize the product backlog, participate in scrums and meta-scrums, and validate delivered solution designs
• Understands, assesses and critiques the architecture proposed by the application architecture team and ensures the scrum team delivery is aligned to the solution’s mission
• Communicate security backlog and vision effectively to colleagues and Digital leadership
• Perform industry research as necessary to support feature development
• Partner with engineering teams to define, track and test user stories in an agile software development life-cycle
• Provide security product subject matter expertise and leadership
• Work with product management to track schedule against the roadmap and escalate risks/issues
• Explore new market space developments, and evaluating / understanding competitive tools
• Collaborate with the engineering team to prioritize security features and scan related findings and facilitate determining the best technical solutions.
Skills/Competencies
• Ensure product and security stakeholders’ needs and expectations are met
• Promote transparency by helping communicate through SAFe/SCRUM practices
• Collaborate with external vendors on requirements definition and feature development
• Ability to research competitive market solutions that strengthens security posture
• Collaboration with architecture, development, and design teams
• Start-up mentality and desire to innovate at a fast pace
• Passion for securing healthcare products
• Strong critical thinker who makes balanced, insightful decisions
• Ability to thrive in a fully SAFe-Agile development environment
• Maintain strong relationships across key stakeholders and constituents
• Engaging and concise speaking and presentation skills
Benefit Overview: For more information on our benefit programs, please visit https://jobs.cvshealth.com/benefits-cvs-health/
Pay Range
The typical pay range for this role is:
Minimum: 90,000
Maximum: 180,000
Please keep in mind that this range represents the pay range for all positions in the job grade within which this position falls. The actual salary offer will take into account a wide range of factors, including location.
Required Qualifications
• 3 years of product experience
• 1 year of experience with researching, designing, building, and deploying new security solutions and or improving the security of existing solutions within the security software development lifecycle
• 2 years of experience with various security tools: SAST, DAST, Container scans, SCA
• 2 years of experience security testing (pentests, API tests, Web Security Tests, BOT tests)
• 2 years of experience with DevSecOps concepts in agile environments
Preferred Qualifications
• Product Manager / Owner certification
• SANS GIAC, CISSP and related security certifications
• Preferred Locations: New York, New Jersey, Boston, Dallas, Atlanta
• Remote Flexible
Education
Bachelor's Degree or equivalent work experience
Business Overview
Bring your heart to CVS Health Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver. Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.
Digital Product Manager (contract/hybrid)
LHH Recruitment Solutions -
Allen, VA
Product Designer (Digital Products)
SUPER RADIATOR COILS LIMITED PARTNERSHIP -
Richmond, VA
Digital Product Owner III
ZILLION TECHNOLOGIES, INC -
Allen, VA