Information Protection Associate Advisor

Job Description

About Evernorth

Evernorth exists to elevate health for all, because we believe health is the starting point for human potential and progress. As champions for affordable, predictable and simple health care,

we solve the problems others don't, won't or can't.

Our innovation hub in India will allow us to work with the right talent, expand our global footprint, improve our competitive stance, and better deliver on our promises to stakeholders. We are passionate about making healthcare better by delivering world-class solutions that make a real difference.

We are always looking upward. And that starts with finding the right talent to help us get there.

Position Summary

We are looking for a highly skilled Information Protection Associate Advisor to join our team, focusing on automation engineering initiatives to drive efficiency and reducing manual effort across the organization. In this role, you will work directly interact with application or product teams and cross-functional teams to identify automation opportunities, design and deliver scalable, resilient, and secure solutions that optimize our internal processes and support Cigna's overarching security goals. This individual will contribute to major technology initiatives aimed at revolutionizing health services and the ability to influence security tools integrations within the healthcare delivery system working from HIH.

Experience Required

- 8+ years of experience in cybersecurity.
- Proven project management skills, with experience leading complex cybersecurity projects.
- Strong understanding of cybersecurity best practices.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong English written and verbal communication and interpersonal skills.
- Proven ability to work effectively with cross-functional teams and stakeholders across multiple time zones and countries.

Intake Processing

Job Description & Responsibilities:

- Analyze and identify business inputs for assessment engagement.
- Review workflows for existing assessments and new assessments.
- Review business workflow within Intake system to define triaging, prioritization and tracking of intake requests.
- Establish SLAs for engagement requests, assessment completion, include various workflow status to track the progress of the intakes. (eg. open, cancelled, In progress, On hold, complete)
- Work closely with other CIP teams like Product Security (AppSec), Security Architecture and other assessment teams to ensure tasks are completed within SLA.
- Work with app teams to gather and document feedback for enhancements.
- Fluent with ServiceNow reporting and metrics to track coverage and volume analysis for leadership visibility.
- Support the analysis and identification of business inputs for assessment engagement.
- Create workflow logic for existing assessments and new assessments.
- Review technical feasibility within Intake system to define triaging, prioritization and tracking of intake requests.
- Work closely with project teams to provide guidance and assist with the Intake submission.
- Create and maintain user guides, FAQs, confluence pages for the CIP Intake tool for Cigna Projects teams to use.

Security Remediation Management

- Analyze and understand the volume of current non-production security findings and their sources. Strengthen the oversight of security fixes in non-prod environment
- Establish SLAs for remediation and exception management to ensure compliance with industry standards.
- Define end to end workflow for identification/assessment, remediation, monitor, validation, and resolution.
- Create reports and dashboards for CIP and Application leadership to understand the security posture of the org.
- Work closely with application business units and CIP assessment teams to ensure clear handoffs and timely remediation of security vulnerabilities.
- Monitor and track remediation rate in non-prod and its impact on prod remediation rate.
- The idea is to have all the non-prod security vulnerabilities to flow into a centralized risk platform.
- Review and compare the various platforms and help with building and integrating the findings into that platform/tool.
- Document requirements, workflows, and prototypes to build the system integrations.
- Automate workflow within the tool for tracking progress and reporting for visibility and metrics.

Education And Training Required

- Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
- Relevant certifications such as CISSP, CISM, CISA, or equivalent are nice to have.

The Tools/technical Skills

Advanced Excel Skills (Pivot tables and other reporting skills)

Advanced Word documentation

Analytics/Power BI

Visio/Mural - preferably Mural as that is what we use.

Jira

ServiceNow

Confluence

SharePoint

SQL Server

Microsoft project or other project tracking

Why Join Us

- Contribute to a high-impact security automation initiative at a strategic level.
- Work with cutting-edge security and cloud technologies.
- Collaborate with top security and engineering teams to drive automation and efficiency.

About Evernorth Health Services

Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.