Cyber Security Senior Analyst

The Cyber Security Senior Analyst- Penetration Testing is responsible for conducting vulnerability assessments threat modeling penetration tests of Cigna s IT infrastructure and applications This role will work closely with the Information Protection Senior Manager to identify evaluate and remediate potential weaknesses in Cigna s systems using both manual and automated methods About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health well-being and peace of mind But we don t just care about your well-being we care about your career health too That s why when you work with us you can count on a different kind of career - you ll make a difference learn a ton and share in changing the way people think about healthcare Qualifications High School diploma Bachelor s degree preferred 3-5 years or more of penetration testing experience Pentest CEH PJPT - Certified in or similar experience any of these Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to think outside the box Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences Responsibilities Execute internal and external penetration tests against corporate web applications APIs networks infrastructure and operating systems in order to discover vulnerabilities Execute mobile application penetration tests for both Android and iOS based devices Execute penetration tests in cloud-hosted environments Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation and communicate risk findings with development and infrastructure teams Develop scripts tools or methodologies to enhance Cigna s penetration testing processes Work as part of a team to identify risks communicate to key stakeholders and provide value to the organization Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment Coordinate with people and teams to forecast activity completion and the ability to work in a team environment sharing workloads and responsibilities Knowledge of Windows and nix-based operating systems Understanding of core Internet protocols e g TCP UDP DNS HTTP TLS IPsec and the OSI model Understanding of encryption fundamentals symmetric asymmetric ECB CBC operations AES etc Understanding of Cloud environments such as SaaS PaaS and IaaS Basic exploit development and validation skills Proficiency in application vulnerability assessment tools Burp or ZAP Proxy Proficiency in network and server assessment tools e g Nessus metasploit nmap nikto etc Understanding of web application frameworks React Springboot Ruby on Rails J2EE PHP ASP NET Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments Knowledge of networking fundamentals and common attacks Coding scripting experience in modern scripting languages e g Python Ruby PowerShell Understanding of Android iOS based platforms e g Java Swift Objective C Ability to analyze vulnerabilities and misconfigurations appropriately characterize threats and provide remediation recommendations About Evernorth Health Services Evernorth Health Services a division of The Cigna Group creates pharmacy care and benefit solutions to improve health and increase vitality We relentlessly innovate to make the prediction prevention and treatment of illness and disease more accessible to millions of people Join us in driving growth and improving lives