Information Protection Advisor- Hybrid at Cigna

Cigna-Evernorth Services Inc. seeks an Information Protection Advisor for the Bloomfield, CT location to identify, evaluate, and lead technical security analyses to ensure that all systems and processes meet applicable information security requirements.

Responsibilities:

• Embed security assessments into development and operational workflows to support continuous compliance.

• Provide in-depth technical analysis of security requirements to protect information processed, stored, or transmitted across systems.

• Collaborate with engineering teams to ensure secure design and implementation throughout the system lifecycle.

• Partner with internal stakeholders to define security requirements and assess the feasibility of implementing scalable security controls.

• Promote the integration of security into development and operational practices to support secure-by-design principles.

• Conduct comprehensive security assessments of third-party service providers and outsourced solutions.

• Evaluate their security posture and ensure alignment with organizational standards and industry best practices, including supply chain risk considerations.

• Design and implement streamlined, automate security processes that enhance the efficiency and effectiveness of security controls.

• Apply creative problem-solving and strategic thinking to improve security posture while enabling business agility.

• Provide strategic security guidance to cross-functional teams an leadership.

• Serve as a thought leader in secure development and operations practices, aligning security initiatives with broader business goals and fostering a culture of shared responsibility for security.

• Hybrid work schedule.

• Must have experience with: Automating Security solutions in a CI/CD pipeline;

• Integrating technologies including Checkmarx, BlackDuck, & NowSecure, via scripts and triggers;

• Static application security testing (SAST) using Checkmarx;

• Dynamic application security testing (DAST) using RedHat ACS, BlackDuck, & PrismaCloud;

• Application security posture management using Apiiro;

• False positive triage automation;

• SBOM Evaluation; Python-based bots for troubleshooting and bulk updates;

• Ansible playbooks for integration and migration tasks;

• CI/CD tools including Azure DevOps and Jenkins;

• Docker container security practices; Authentication and Authorization design;

• Vulnerability management; Integrating security into design and implementation phases; and,

• Referencing security standards including ISO27001, SOC 2 Type II, Open-Source Licensing.

This role is also anticipated to be eligible to participate in an annual bonus plan.

At The Cigna Group, you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year, paid holidays, and leaves of absence. For more details on our employee benefits programs, click here.

About The Cigna Group

Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we’re dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you need a reasonable accommodation to complete the online application process, please email seeyourself@thecignagroup.com for assistance. Please note that this email inbox is dedicated to accommodation requests only and cannot provide application updates or accept resumes.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.