Information Protection Advisor

As an Information Protection Advisor you will be asked to lead projects and initiatives regarding the assessment of the cybersecurity posture of business units throughout the organization and engage in the remediation and delivery of cybersecurity controls, products, and services for core business units.

Responsibilities

• Independently lead in the cybersecurity assessment of products, services, and business units against industry frameworks and regulations and evaluate risks to ensure compliance with cybersecurity policies and standards of the organization.
• Independently lead and plan projects involving the implementation and enhancement of cybersecurity controls and practices with other cybersecurity subject matter experts.
• Work with business and engineering units to understand and describe in detail how cybersecurity is implemented in the software and infrastructure to conform to cybersecurity best practices.
• Develop and write security documentation describing the business unit’s security capabilities that mitigate security risks as outlined by the organization.
• Develop management action plans with senior leaders in the organization to assist in the remediation of identified cybersecurity risks and provide reporting on non-compliance and audit deficiencies to senior leaders in the organization.
• Demonstrated ability to understand business processes and how they align with internal cybersecurity policies and any impacting regulatory requirements.
• Support as needed unscheduled but priority cybersecurity risk assessment requests specific to ad-hoc requests from business stakeholders.

Minimum Education:

• Bachelor's degree in Computer Science, or related field (e.g., cybersecurity) or the equivalent combination of education, training or experience
• At least five years of Information Security and Risk Management experience, including experience in developing Information Security Policies and security audit preparation.
• CISSP, CISA, or CIA preferred although specific years of experience may serve as substitutions in some areas

Qualifications:

• Knowledge of cybersecurity common frameworks NIST, HITRUST, ISO 27001, SOC2 and fundamentals of cybersecurity program management.
• Strong knowledge of Risk Management frameworks and principals, and GRC tools used to assess, track, and mitigate risk.
• Strong knowledge of Secure Software Development Lifecycles practices.
• Strong understanding of common cyber threat patterns, indicators of compromise, and defenses and emerging threats and techniques for exploiting security vulnerabilities.
• Strong understanding of network, storage, server, and application technologies and principals in regards to cybersecurity.

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 97,700 - 162,900 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

We want you to be healthy, balanced, and feel secure. That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, visit Life at Cigna Group.

About Evernorth Health Services

Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.