Cyber Security Lead Analyst - HIH - Evernorth

Cyber Security Lead Analyst - HIH - Evernorth – Threat Intelligence

Position Summary:

Cigna Information Protection is looking for a Cyber Threat Intelligence Lead Analyst –to identify threats to Cigna, its subsidiaries, and the healthcare industry. The goal of the Threat Researcher is to uncover new and novel threats, track threat actors’ operations against Cigna, and collaborate with internal teams to counter threats. As a Threat Analyst you will identify adversary tactics, techniques, and procedures (TTP), malware, and other threats in various log data and in external repositories. You will identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna.

Experience Required:

• 5 - 8 years of experience in cybersecurity, security operations center, incident response threat intelligence, threat hunting, or reverse engineering malware.

• 3+ years of experience using an adversary threat framework (e.g. Mitre ATT&CK)

• 3+ years of experience analyzing cyber threat attack scenarios.

• 3+ years of experience automating and/or scripting with Python, or other language.

• Background in intelligence analysis and threat intelligence.

• 3+ years of experience tracking threat actor infrastructure using tools like Shodan, VirusTotal, etc

• GCTI, SEC+, CYSA, or similar Cyber Security or Incident Response Certifications

Job Description & Responsibilities:

• Develop, document, and execute threat research in collaboration with internal intelligence and hunting teams to identify adversaries and their behaviors, including new/emerging tactics.

• Identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna.

• Learn and understand the threat environment of Cigna.

• Experience in analyst, complex problem solving and critical thinking.

• Conduct research that yields new insights, theories, analyses, data, algorithms, and prototypes that advance state-of-the-art of controls, detections, monitoring, and investigation/hunting capabilities or leads to improvements to the protection capabilities of our products and services.

• Present threat landscape briefings and finished intelligence products.

• Innovate processes, create strategies, develop automation or tools and work with partner teams to promote efficiency for hunters and investigators.

• Collaborate with internal Threat Hunting team to share insights and findings to find threats internal to the Cigna environment.

• Identify and collaborate on response to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data or to major incidents affecting the enterprise and cloud’s infrastructure.

Education and Training Required:

• A degree (Bachelor’s Degree preferred) from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; OR

• Education and / or experience which is equivalent to the above

Primary Skills:

• Deep understanding of cyber attacks, threat actor tactics, techniques, & malware types.

• Strong analytical and investigative mindset.

• Firm understanding of MITRE framework.

• Work well with objective-based tasks and ability to identify opportunities for research tasks.

• Strong communication skills, both written and oral.

• Ability to self-identify opportunities

• Thorough knowledge of operating systems, networking, and host analysis.

Additional Skills:

• Ability to work effectively in a team-oriented environment and collaborate with cross-functional teams

• Flexibility to adapt to evolving security challenges and stay current with emerging threats

About Evernorth Health Services