Cyber Security Associate Advisor

ABOUT EVERNORTH Evernorth exists to elevate health for all because we believe health is the starting point for human potential and progress As champions for affordable predictable and simple health care we solve the problems others don t won t or can t Our innovation hub in India will allow us to work with the right talent expand our global footprint improve our competitive stance and better deliver on our promises to stakeholders We are p assionate about making healthcare better by delivering world-class solutions that make a real difference We are always looking upward And that starts with finding the right talent to help us get there Cyber Risk Management Position Summary This role will work closely with the Information Protection Manager in identifying assessing and mitigating potential risks and threats related to the company s strategic supplier off-shore footprint The role will be responsible for executing the operational components of the Third Party Cyber Risk Management lifecycle The TPCRM advisor will support the overall Outsourcing Security Governance function with responsibilities that include but not limited to analyzing key service providers monitoring managing on-going third party risk assessments vendor scorecards offboarding and project management This role will support the company s Drive to 2025 strategy and will support key technology and business initiatives in relation to supplier resiliency expansion and new supplier cyber assessments Candidate must be able to perform security on-site assessments across strategic India based delivery centers Responsibilities Execute operational components of Third Party Risk Management TPRM lifecycle initial risk assessment periodic due diligence ongoing monitoring and offboarding Develop and implement strategies to mitigate cyber risks including policies procedures and controls Conduct regular risk assessments to identify vulnerabilities and weaknesses in cybersecurity defenses Perform on-site assessments at supplier delivery center Partner with business stakeholders to help them navigate the centralized TPRM process Review inherent risk questionnaire IRQ responses Initiate and coordinate vendor due diligence reviews Perform non-technical third party due diligence reviews Partner with subject matter experts SME to coordinate their reviews Prepare annual Critical Supplier Assessments Document monitor and report on third party issues and policy exceptions Document TPRM procedures and controls Perform reconciliation to maintain a complete and accurate third party book of record Translate regulatory requirements into program elements SOC SOX Consumer Data Privacy and Protection Experience Required Bachelor s Degree from an accredited university advanced degree or relevant certifications e g CISSP CISM etc preferred 3 - 5 years of Third-Party Risk Management experience 3 years of Developing and managing supplier contracts experience 3 years of eGRC Archer related experience 3 years of Project Management experience Proven experience in cyber risk management information security or related field with a strong understanding of cybersecurity principles and practices Strong written and verbal communication skills with the ability to interact with all levels of the organization Strong influencing negotiation skills Strong interpersonal relationship management skills Strong time and project management skills Experience Desired Third Party Risk Management Cyber Risk Management Vendor Management Compliance Privacy On-site Assessments Audit Cyber Scorecards Education and Training Required Bachelor s Degree from an accredited university advanced degree or relevant certifications e g CISSP CISM etc CISA CISSP CISM CTPRA CTPRP CRISC Primary Skills Cyber Security Third Party Risk Management Risk Management About Evernorth Health Services Evernorth Health Services a division of The Cigna Group creates pharmacy care and benefit solutions to improve health and increase vitality We relentlessly innovate to make the prediction prevention and treatment of illness and disease more accessible to millions of people Join us in driving growth and improving lives