Principal Cybersecurity Strategist

The Principal Cybersecurity Strategist serves as the enterprise thought leader and primary architect of the EIP Cybersecurity Strategy. This role is accountable for shaping, evolving, and governing a multi‑year cybersecurity strategy that enables business priorities, strengthens enterprise resilience, and advances security maturity across Humana.

Operating as a senior advisor to executive leadership, this role translates business objectives, risk posture, regulatory expectations, and emerging technology trends into a coherent, prioritized, and achievable cybersecurity roadmap. The Principal Cybersecurity Strategist partners closely with EIP leaders, technology teams, and business stakeholders to drive execution, investment decisions, and measurable outcomes.

Key Responsibilities

• Strategic Leadership: Define, develop, and continually advance EIP's long-term cybersecurity strategy, ensuring alignment with corporate goals and evolving risk landscapes. Set direction for capability development, maturity roadmaps, and investment priorities over a three-year horizon.
• Board Engagement: Develop and present executive and board-level materials, articulating cybersecurity vision, strategic priorities, maturity metrics, and progress against objectives. Serve as a strategic advisor to senior leadership and board stakeholders.
• Healthcare & Financial Services Expertise: Leverage deep experience in healthcare and/or financial services to inform strategy and ensure compliance with sector-specific regulatory frameworks (e.g., HIPAA, PCI DSS, SOX).
• AI Security & Implementation: Lead the strategic integration of AI into cybersecurity operations, ensuring secure adoption, risk mitigation, and compliance. Advise on AI security trends, regulatory implications, and best practices for responsible implementation.
• Program Maturity & Capability Growth: Architect and execute initiatives to advance cybersecurity program maturity, talent development, and operational excellence. Establish frameworks for continuous assessment, capability benchmarking, and value creation.
• Investment Prioritization: Direct the allocation of resources and investment in cybersecurity capabilities, controls, and technologies based on risk, business value, and strategic impact.
• Organizational Change Management: Drive a security-centric culture through enterprise change management strategies, maximizing adoption of strategic priorities and minimizing resistance across a matrixed organization.
• Consultative Leadership: Provide consultative expertise to EIP department leaders, project teams, and cross-functional partners to ensure strategic alignment and integration of cybersecurity priorities at every stage of project and program lifecycles.
• Core Competencies
• • Strategic Vision & Influence
  • Information Security Management
  • Organizational Change Leadership
  • Business Intelligence & Data Analysis
  • Security Risk Management
  • Executive Communication
  • Problem Solving
  • Leadership in Complex, Matrixed Environments

Required Qualification

Use your skills to make an impact

• Bachelor's degree or higher in cybersecurity, information technology, business, economics, organizational management, or related field.
• Significant cybersecurity strategy experience, including enterprise‑level planning and transformation.
• Demonstrated success in developing and presenting cybersecurity strategies at the board/executive level.
• Significant experience advancing cybersecurity maturity and capabilities in healthcare and/or financial services environments.
• Proven expertise in AI security and the secure implementation of AI in cybersecurity practice.
• In-depth knowledge of regulatory and compliance frameworks relevant to healthcare and financial services.
• Consulting skills.
• Experience leading large-scale organizational change and adoption of new technologies, processes, and systems.

Preferred Qualifications

• MBA or Master's degree in Computer Science, Information Technology, or a related discipline.
• Professional cybersecurity certifications (e.g., CISSP, CISM, CISA).
• Experience with project security phases, cloud security policies, and identity and access management.
• Familiarity with security review processes and strategic consulting frameworks.

Remote/WAH Requirements

• WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
• A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
• Satellite and Wireless Internet service is NOT allowed for this role.
• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information