Information Protection Associate Advisor [T500-13218]

About Evernorth:

Evernorth Health Services, a division of The Cigna Group (NYSE: CI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people.

Job Description:

Mission Statement:

Cigna Information Protection's mission is to protect customer data from unauthorized access by preventing, detecting and responding to internal and external cyber security threats. The Vulnerability Management team contributes to that mission by heightening risk visibility.

Overview:

The Information Protection Lead Analyst will work as part of a vulnerability management and application security team to govern vulnerabilities, misconfigurations and findings. The ideal candidate must be self-directed and a fast learner, flexible enough to work with new technologies and deliver high quality solutions in a timely manner. The candidate will enable stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk.

Our Team's Principles:

Commitment We are owners and long-term thinkers.

Invent and simplify We do more with less, it is important innovate and find ways to simplify.

Disagree and commit Respectfully challenge decisions. Once a decision is determined, we commit and execute.

Data-driven Ensuring our customers have all on-time, accurate data to make decisions is an obsession.

Sense of humor We keep things light, we check on one another and take things as they come.

Skills and Experience:

• 5-8 years of experience in application security experience.
• Penetration Testing and Perimeter exposure governance
• Penetration Testing lifecycle governance track, monitor, advice in the remediation efforts of findings.
• Rate and prioritize vulnerabilities to determine priority by line of business
• Maintain, build and assess tests results to identify gaps in remediation
• Build relationships with enterprise system owners in order to influence the remediation of vulnerabilities.
• Develop processes and schedule time to review existing methodologies and queries for all customer defined metrics.
• Understand the role of vulnerability management and governance.
• Prepares, evaluates and presents security gaps and recommendations to senior leaders.
• Maintenance, configuration and implementing products, appliances and devices.
• Ability to conduct data mining on csv files, Phyton or other language preferred.
• Prepare weekly, monthly, quarterly and yearly metrics.
• Provide support to Business Information Security Officers and Penetration Testing team.
• Support global teams in off-hours meetings as needed.
• Stay current with threat landscape.

Preferred Qualifications:

• Previous IT project management experience Preferred
• Network and end point security experience Preferred
• Previous vulnerability management experience Preferred
• Self-starter with ability to drive an item from concept to full implementation with minimal guidance
• Ability to prioritize and complete multiple tasks on tight deadlines
• Ability to conduct thorough analysis and recommend data driven actions
• Focused curiosity and drive to independently push through ambiguity to obtain results
• Strong oral & written communication, listening and presentation skills.