Information Protection Lead Analyst at Cigna in Bloomfield, Connecticut

Job Description:

As a member of the Cigna Information Protection Threat Response Unit, the Threat Intelligence Operations role will be part of the team responsible for the enterprise wide curation of all collected data and indicators, ensuring indicators are properly curated and ensure that alerts are effectively enriched for the SOC. Threat Intelligence Operators will maintain a partnership and coordinate with Incident Response, Red Team, Threat Hunt, Engineering and others to automate tasks within Cigna's orchestration and automation platform. To be successful, it is critical that Threat Intelligence Operators have strong Cyber security experience, coupled with a practical understanding of Threat Intelligence and a strong development and automations background.

Essential Duties and Responsibilities:

• Evaluate new threat feed sources and assist in the assessment of Cigna's security and overall IT infrastructure to determine points of integration


• Review existing threat feed sources, evaluate effectiveness of the ingestion of indicators and recommend improvements


• Support and coordinate the creation and automation of threat specific playbooks


• Support collection and processing efforts for tracking and researching threat activity trends in support of Threat Intelligence requirements


• Identify and coordinate collection automation efforts


• Track and support metrics around the efficacy of collection sources


• Support team members in methods to process and automate tactical mitigations based on results of analysis and determination of threat validity

Knowledge, Skills and Abilities:

• Strong understanding of and experience with threat models and frameworks including MITRE, Kill Chain, etc.


• Ability to communicate effectively, both orally and in writing, with senior management, information systems professionals, and technical and non-technical users


• Ability to maintain effective working relationships with colleagues, users, contractors, and vendors


• Has in-depth knowledge of security systems and understands the life cycle of network threats, attacks, attack vectors, and methods of exploitation


• Possesses the ability to use in-depth knowledge to identify and present actionable intelligence to team members and senior leadership


• Ability to quickly and effectively digest disparate data sources to determine security implications and risk levels


• Able to provide recommendations of security improvements by assessing current efficacy of current capabilities/solutions, evaluating trends and anticipating requirements

Technical Skills Required:

• Fundamental understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols


• Foundational experience with log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior


• Construct and deconstruct threat intelligence to assist in the detection of and response to threat actors.


• Manage, share, and receive intelligence on adversary groups


• Programming and scripting skills to assist in automation activities


• Demonstrated skill in leveraging APIs to accomplish automation

Soft Skills:

• Demonstrated ability to work in a team environment both in-person and remotely


• Ability to effectively prioritize tasks


• Effective written and verbal communication skills


• Strong analytical skills


• Ability to operate and contribute effectively as a remote member of a global Information Protection team


• Strong analytical and problem solving skills

Education Requirements:

• Bachelor degree in Computer Science, Information Technology or equivalent practical experience


• 1-2 years of Cyber Security focused experience, threat intelligence or related IT experience

Preferred Qualifications:

• Scripting in languages such as Python, Perl, Powershell and a deep understanding of command line across Linux, Unix, OSX, Windows, etc.


• Experience performing Cyber Threat Intelligence work in a Military/Government or private sector organization.

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 78,200 - 130,300 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

We want you to be healthy, balanced, and feel secure. That's why you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, visit Life at Cigna .

About Cigna

Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you'll enjoy meaningful career experiences that enrich people's lives. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

Cigna has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.