Job
Description
Cyber Security Senior Advisor (A) - HIH - Evernorth About Evernorth:Evernorth Health Services, a division of The Cigna Group (NYSECI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people.Cyber Security Senior advisorJob Objective:The Information Protection Senior Advisor is responsible for conducting research, conceptualizing, designing, developing, and testing secure technology systems, including on perimeter and cloud-based networks to support to Cignas Information Protection Middle East and Africa (MEA) team. This role directly supports the MEA Portfolio covering 34x operational entities across 22x countries ensuring that security requirements are adequately addressed safeguarding the protection of sensitive policyholder data, claims information, and financial transactions.Reporting to the Head of Cyber Security Middle East & Africa, you will develop and enforce security strategies that mitigate cyber threats, protect against fraud, and ensure business continuity in a highly regulated health insurance environment. You will be required to design, implement, and oversee the security infrastructure for our business platforms in accordance with Cigna Information Protection (CIP) security architecture framework.In this role, you will work closely with CIP Architecture and Engineering, Risk Management, and Compliance teams to build secure architectures that align with internal and regulatory requirements such as SAMA CSF (KSA), ADHICS (UAE), GDPR, HIPAA, and PCI DSS.:13-16 years of experience in a Cyber Security Design and Development role.Partners with the CIP MEA leadership team to develop a regional strategy and operational plan to deliver CIP shared services to the business.Perform security reviews using CIP or Industry standards (NIST, ISO etc) to identify gaps in security architecture and controls as part of a MEA cybersecurity risk management plan.Develop and Integrate cybersecurity designs for systems and networks that require processing of multiple data classification levelsDetermine if systems and architecture are consistent with CIPs Secure Baselines and Global Security Architecture Requirements.Ensure secure third-party vendor integrations (e.g., Fronting Partners, Third Party Administrators, regulatory entities, payment processors and healthcare providers).Advise on security requirements to be included in statements of work for Cigna or JV partners procuring new technology services.Determine and Document the impact of new system and interface implementations on the cybersecurity posture of Cigna or a JV partner.Partners with the business to evaluate and translate functional requirements and integrating security policies into technical solutions.Performs comprehensive technology research to evaluate potential solutions across cyberspace systems relevant for the MEA region including Joint Venture (JV) partners.Performs focused risks assessments of existing or new services and technologies, security architecture, identifies design gaps, risks, and recommends enhancements.Maintains strong working relationships with individuals and groups involved in managing security architecture engineering and technology risks across the organizationStays abreast of current and emerging security threats and designs security architectures to mitigate themSkills Needed:Ability to analyse an organisations enterprise information technology architectureAbility to apply secure network architectures and security controls into proposed solutionsAbility to identify cybersecurity or privacy issues in external or partner connectionsAbility to design systems and apply security architecture guidelines across On-Premises and Hybrid Cloud environmentsAbility to partner with Infrastructure, Cloud and Application architects to perform user needs analysis and requirements gathering for large-scale projects.Ability to develop a cyber security strategy and input into detail-oriented operational planning including capability development (People, Processes, Technology, Data).Ability to perform Controls Assurance / Attestation and deliver comprehensive risk treatment plans.Technical depth and sound knowledge in networking, cloud, desktop, server, storage, software-defined-networking, virtualization and application domainsProven communication skills, able to write and verbally communicate complex conceptsProven collaboration skills and can adapt to changing organization changing business needs, technological advances and agile methodologySelf-starter and shows empathy towards business requirements and able to influence changes to facilitate securityHealth Insurance or Health Care Industry experience is a plusTravel required, approximately 10%Qualifications:Bachelors or Masters in Cybersecurity, Computer Science, or Information Security.Qualified candidates will typically have 13+ of professional IT experience work experience, with 8+ years of experience in a security design and development roleCISSP, CISM, CCSP, CRISC or similar certifications requiredExpertise in encryption, network security, cloud security, application security and endpoint protection.Deep knowledge of security risks, data privacy laws, and fraud prevention techniques relevant to Financial Services, FinTech and Health sectors.Experience in data security standards and best practices for Personally Identifiable Information (PII) and Personal Health Information (PHI)Experience and working knowledge of NIST, HIPPA, PCI DSS & ISO 27001 certification is a plusStrong written and spoken English skills, demonstrated ability to communicate at high levels, both verbally and in reportingStrong work ethic, high drive and ability to focus. High stamina. Shows optimism and determination when facing challengesAbility to work successfully with a minimum of supervision in a fast paced and sometimes pressured environment About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.
