We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

Senior Manager, Regulatory Technology Engineering

Position Summary

The Senior Manager, Regulatory Technology Engineering is a highly technical leader responsible for defining, engineering, and executing the strategic direction of Compliance and Audit Technology across CVS Health’s Digital, Data, Analytics & Technology (DDAT) Compliance organization. In this role, you will apply deep technical expertise to design, modernize, and operationalize technology solutions that support SOX, SOC 1, SOC 2, PCI, HITRUST, NIST 800‑53, NYDFS, and other cybersecurity and regulatory frameworks.

You will partner closely with engineering teams, process and control owners, and security architects to develop robust audit‑ready control environments and automate evidence collection for complex, modern technology stacks including cloud-native platforms, distributed systems, AI/ML pipelines, and DevSecOps toolchains. This role requires an engineering mindset and the ability to translate regulatory requirements into scalable technical controls, automated testing approaches, and measurable compliance indicators.

You will lead the development and continuous improvement of compliance tooling, control processes, dashboards, and metrics. Additionally, you will collaborate with IT, business partners, Learning and Development, Internal Audit, Legal, and external assessors to ensure alignment, transparency, and consistent execution across the Technology Compliance Program.

Required Qualifications

• 7+ years of technical project or program leadership, driving engineering initiatives across cross‑functional teams in highly collaborative environments.
• 7+ years of software engineering or software development experience, with a strong understanding of modern architectures and engineering practices.
• 5+ years of experience in internal audit, external assessments, risk management, regulatory compliance, or information security within a corporate environment.
• 5+ years of experience with audit methodologies, internal control frameworks, risk assessments, and control testing techniques, with the ability to apply them to cloud and modern technology environments.
• 3+ years of hands-on experience with cloud security engineering, architecture, and/or automation, including designing or evaluating technical controls in cloud-native platforms (AWS, Azure, GCP).

Preferred Qualifications

• Strong understanding of the software development lifecycle (SDLC) and secure development practices.
• Experience with AI/ML platforms, tools, and related risk considerations.
• Understanding of regulatory frameworks and security standards such as NIST, ISO, HITRUST, HIPAA, PCI, SOC 1/SOC 2, and SOX, with the ability to interpret and translate requirements into technical solutions.
• Experience with DevOps/DevSecOps, CI/CD pipelines, infrastructure‑as‑code, and modern cloud infrastructure and cybersecurity patterns.
• Ability to document and translate complex technical requirements for development team consumption.
• Strong attention to detail with exceptional analytical and problem‑solving skills; able to evaluate technical systems, identify risks, and propose pragmatic solutions.
• Demonstrated ability to influence across engineering, security, and business teams, building strong relationships with technical and non‑technical stakeholders.
• Excellent written and verbal communication skills, capable of explaining complex technical and regulatory concepts in a clear and concise manner.
• Experience working with risk management frameworks and identifying cybersecurity risks in modern technology environments.
• Strong program management skills, including strategic planning, road mapping, and technical project execution.
• Industry experience in Healthcare, Insurance, or Retail is a plus.
• Relevant certifications such as CCSK, CCSP, CISSP, CRISC, or similar credentials.

Education

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or equivalent experience (High School Diploma and 4+ years relevant experience).

Pay Range

The typical pay range for this role is:

This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls.  The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors.  This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.  This position also includes an award target in the company’s equity award program. 
 

Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.

Great benefits for great people

We take pride in our comprehensive and competitive mix of pay and benefits – investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include:

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.

• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.

• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.

For more information, visit https://jobs.cvshealth.com/us/en/benefits

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.