Cigna Information Protection Sr. Advisor at Cigna in Bloomfield, Connecticut

Job Description:

Role Summary

Job Objective:

The Information Protection Senior Advisor is responsible for providing general technical, operational and review support to Cigna's Information Protection (CIP) Organization.

This role will support in enforcing standard information protection controls through infrastructure, application and third party security assessments. Balance multiple project priorities appropriately. Work with the Cigna Information Protection team as required to support reviews, product implementations and security audits.

Support the Management team (Regional Information Security Officer and Senior Manager) on dashboard reporting, coordination of incident responses, risk assessments and CIP led initiatives.

Job Description:

Infrastructure/Application reviews:

• Partners with the enterprise to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers


• Performs focused risks assessments of existing or new services and technologies, security architecture, identifies design gaps, risks, and recommends enhancements


• Communicates risk assessment findings to information security "customers," or business partners. Explore risk mitigation controls


• Serves as an information security expert and trusted advisor to partners in IT and the business


• Evaluate compliance of operation processes with Information Protection policies and related government regulations


• Identifies and implements appropriate controls to effectively manage information risks as needed


• Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing residual risk


• Maintains strong working relationships with individuals and groups involved in managing information risks across the organization


• Stays abreast of current and emerging security threats and designs security architectures to mitigate them

Service Partner Security Assessment:

• Plan and perform site reviews of physical and IT facilities, measuring actual conditions against submitted responses. Evaluate IT processes to ensure effective information protection is practiced. Produce site visit reports with improvement recommendation. Track improvement efforts until closure.


• Perform general walkthrough evaluations of new facilities and processes under consideration. Provide recommendation to business.


• Meet with vendors and employees to resolve or track compliance issues.


• Attend demonstrations of applications and prepare reports on potential for data leakage or infrastructure security issues.


• Review any regular security reports for abnormality.


• Work with supplier chain management on contracts to include security terms.


• Escalation to the fellow CIP team on security issues related to service partners.

Support the Management team (Regional Information Security Officer and Senior Manager):

• Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards


• Work with the RISO on managing security incidents


• Regular risk & activity reporting


• Issue tracking with local security teams


• Review and approval of application/infrastructure changes in terms of security


• Coordinate CIP initiatives with other countries as required


• Maintain strong working relationships with individuals and groups involved in managing information risks across the organization


• Partner with the CIP and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers


• Stay abreast of current and emerging security threats and security architectures to mitigate the threats

Skills Needed:

• Health Insurance or Health Care Industry experience preferred


• Ability to multitask and timely execute


• Ability to grasp and understand complicated relationships


• Proven Communication skills, able to write and verbally communicate effectively


• Organizational courage to escalate and resolve risk issues


• Flexible can adapt to changing organization changing business needs, technological advances and agile methodology


• Demonstrates technical skills in infrastructure, application and third party security assessments.


• Self-starter and shows empathy towards business requirements and able to influence changes to facilitate security


• Experience with assessing and mitigating risk


• Experience with contracting and negotiations


• Travel required, approximately 10%

Qualifications:

• BS degree or equivalent experience


• CISSP, CISA, CISM, CRISC or similar certifications preferred


• Broad high level knowledge, hands-on experience, and exposure to a wide range of IT subject areas, business, IT & physical controls


• Strong written and spoken English skills


• Qualified candidates will typically have 8+ of professional IT experience work experience, and 4 years in information security


• Experience and working knowledge of PCI DSS & ISO 27001 certification is a plus


• Experience with process and change management, reporting and incident handling.


• Demonstrated ability to communicate at high levels, both verbally and in reporting


• Excellent problem identification, solving and critical reasoning skills.


• Ability to work successfully with a minimum of supervision in a fast paced and sometimes pressured environment.

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 108,500 - 180,800 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

We want you to be healthy, balanced, and feel secure. That's why you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, visit Life at Cigna .

About Cigna

Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you'll enjoy meaningful career experiences that enrich people's lives. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

Cigna has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.