This job listing has expired and the position may no longer be open for hire.

Information Protection Senior Advisor at Cigna in Portsmouth, New Hampshire

Posted in General Business 30+ days ago.

Type: Full-Time





Job Description:

The Information Protection Senior Advisor is responsible for providing technical security risk assurance to Cigna business practice and to the confidentiality, integrity and resilience of Cigna information assets.

Enforcing standard information protection controls through infrastructure, application and third party security risk assessments. Balance multiple project priorities appropriately. Work with the wider Cigna Information Protection (CIP) teams as required to support reviews, security product implementations and security audits.

Fostering an information protection culture among the Cigna workforce through active partnership with Cigna business operations and IT leaders to identify information protection gaps and training needs, delivering business-relevant information protection training and awareness alongside the Cigna global information protection training and awareness program.

Supporting the Regional Information Security Officer on cybersecurity dashboard reporting, coordination of incident responses, risk assessments and CIP-led initiatives.

Key responsibilities:

o Communicate Cigna Information Protection Policies and Technical Security Standards to Cigna teams and ensure they are applied and implemented.

o Work closely with CIP US teams, global IT and business resources in support of CIP operating plan priorities as appropriate.

o Work closely with CIP US teams to leverage training/awareness and subject matter expertise in support of operations.

o Work closely with enterprise and specific legal, compliance, privacy, and strategic sourcing teams to ensure information security policies and practices are aligned to applicable regional and local regulations.

o Maintain a trusted partnership with Cigna business and IT stakeholders in order to drive CIP initiatives and practices.

o Provide effective influence, to those not in direct reporting relationships, to mitigate information security risk through proactive collaboration and defined security risk management framework.

o Ensure a high-level of integration of application development with information security policies and strategies.

o Identify, evaluate, conduct, schedule and lead technical analysis functions to ensure all applicable IS security requirements are met.

o Provide technical analysis of requirements necessary for the protection of all information processed, stored, or transmitted by systems.

Infrastructure/Application reviews:

o Partner with CIP Global Security Assessment and Architecture Team to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers.

o Perform focused risk assessments of existing or new services, technologies and security architecture; identify design gaps and risks, and recommend enhancements.

o Communicate risk assessment findings to Cigna internal 'customers' and business partners. Explore risk mitigation controls.

o Serve as an information security expert and trusted advisor to partners in IT and business units

o Evaluate compliance of operation processes with Information Protection policies and technical security standards, relevant government regulations (HIPAA, GDPR, etc.) and applicable sectoral security requirements (e.g., PCI DSS).

o Identify and implement appropriate controls to effectively manage information risks as needed

o Identify opportunities to improve security risk posture, develop solutions for remediating or mitigating risks and assessing residual risks.

o Maintain solid working relationships with senior management, individuals and groups involved in managing information risks across the organization.

o Stay abreast of current and emerging security threats and design security architectures to mitigate them.

3rd Party/Vendor Security Assessment:

o Partner with CIP 3rd party management team and conduct risk assessment on prospective service partners through Cigna 3rd Party Security Evaluation (3PSE) engagement process. Help carry out periodic 3PSE on current Cigna service partners as per Cigna corporate policies.

o Evaluate IT processes to ensure effective information protection is in place. Produce site visit report with security findings observed during the site visit and recommend remedial actions with agreed timescale and resource. Monitor progress on remedial actions until closure.

o Partner with Cigna 3rd party management team, legal, privacy and compliance teams, and provide information protection expertise in reviewing and redlining master service agreements, statements of work, etc.

o Attend demonstrations of 3rd party applications and prepare reports on potential security risks or infrastructure security issues and recommendations for remediation.

o Review security reports for abnormalities and facilitate remediation as needed.

o Work with 3rd party management team on contracts to include security terms.

o Escalate to relevant CIP individuals and teams on security issues related to 3rd party management.

Support the Regional Information Security Officer:

o Security incident coordination. Provide on-site assistance in incident situations.

o Monthly management dashboard reporting.

o Help coordinate CIP initiatives.

o Help support the active remediation of open findings and vulnerabilities aligned to IM NA.

Key Skills Required:

o Global Health Insurance or Health Care Industry experience.

o IT security and information security risk management experience in complex IT environment.

o Ability to multitask and respond in a timely manner.

o Ability to grasp and understand complex organizational structure and relationships.

o Organizational courage to assess, escalate and resolve security risks and issues.

o Flexible and adaptive to changing organizational and business needs, technological advances and agile methodology.

o Demonstrate technical skills in infrastructure, application and third party security assessments.

o Experience with key cloud services, e.g., AWS, Oracle, Salesforce, etc. and their security assurance frameworks.

o Experience with developing and delivering information protection training

Education/Experience Preferred:

o Bachelor's or Master's degree, desirable, in IT and IT security discipline

o CISSP, CISA, CISM, CRISC or IT security relevant certifications

o Broad high level knowledge, hands-on experience, and exposure to a wide range of IT subject areas, business, IT & physical controls

o Strong written and spoken English skills.

o Experience and working knowledge of ISO 27001 certification is a plus.

o Experience with process and change management, reporting and incident handling.

o Experience and working knowledge on IT security compliance requirements in the scope of key global, regional and local regulations, e.g., HIPAA, GDPR, etc.

o 5-10 years of relevant information protection experience.

This position is not eligible to be performed in Colorado.

About Cigna

Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you'll enjoy meaningful career experiences that enrich people's lives. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.




