Information Protection Senior Analyst

About Evernorth Cigna is a global health service company dedicated to helping the people we serve improve their health well-being and peace of mind But we don t just care about your well-being we care about your career health too That s why when you work with us you can count on a different kind of career - you ll make a difference learn a ton and share in changing the way people think about healthcare Summary The Information Protection Senior Analyst is responsible for providing general technical operational and risk management support to Cigna s Information Protection CIP Middle East and Africa MEA team This role will support in enforcing standard information protection controls through infrastructure application and third-party security assessments Work with the Cigna Information Protection team as required to support vulnerability assessments assisting with penetration tests tracking and remediation of findings This role will work closely with the CIP MEA team to identify evaluate and remediate potential weaknesses in Cigna s systems using both manual and automated methods In addition this role will support the dashboard reporting coordination of incident responses risk assessments and other CIP led initiatives Responsibilities Perform regular risk activity reporting on Key Risk Indicators KRI and Key Performance Indicators KPI Perform issue tracking and resolution with local security teams Work with CIP MEA team and key stakeholders to managing security incidents relevant to the MEA region Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards Assist in the review and approval of application infrastructure changes in terms of security Assist in the creation of comprehensive and accurate security reports with recommendations for appropriate remediation and communicate risk findings with development and infrastructure teams Assist in the review and development of local CIP policies standards and guidelines Assist in the conduct of regulatory and internal audits as required Assist CIP and IT teams to implement standard security solutions and capabilities that are aligned with business technology and threat drivers Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Stay abreast of current and emerging security threats and security architectures to mitigate the threats Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment Demonstrated ability to identify cyber security risks and develop treatment plans working with key stakeholders Coordinate with people and teams to forecast activity completion and the ability to work in a team environment sharing workloads and responsibilities Knowledge of Windows and nix-based operating systems Understanding of core Internet protocols e g TCP UDP DNS HTTP TLS IPsec and the OSI model Understanding of encryption fundamentals symmetric asymmetric ECB CBC operations AES etc Understanding of Cloud environments such as SaaS PaaS and IaaS Understanding of OWASP Knowledge of networking fundamentals and common attacks Ability to analyze vulnerabilities and misconfigurations appropriately characterize threats and provide remediation recommendations Qualifications High School diploma Bachelor s degree preferred Qualified candidates will typically have 3 to 5 years of professional IT experience work experience 4 years or more of security operations or security governance risk and compliance experience CISSP CRISC or similar certifications desired Passionate about security and finding new ways to protect systems as well as break them Strong analytical and problem solving skills with the ability to think outside the box Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences About Evernorth Health Services Evernorth Health Services a division of The Cigna Group creates pharmacy care and benefit solutions to improve health and increase vitality We relentlessly innovate to make the prediction prevention and treatment of illness and disease more accessible to millions of people Join us in driving growth and improving lives