The Cybersecurity Data Protection team is seeking a skilled and security-focused
Email Security Engineer
with expertise in
Secure Email Gateway (SEG)
solutions to protect our organization from evolving email threats. The ideal candidate will play a critical role in defending the enterprise against phishing, malware, business email compromise (BEC), and data exfiltration attempts by managing and enhancing our email security infrastructure.
Requirements & Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related fieldor equivalent experience.
- Over all 13 - 16 yrs work experience in Cyber Security
- Relevant 6+ years of hands-on experience with Secure Email Gateways and enterprise email security.
- In-depth knowledge of SMTP, TLS, SPF, DKIM, DMARC, and other email protocols and protections.
- Familiarity with SIEM, SOAR, threat intelligence platforms, and email forensics tools.
- Strong understanding of cyber threat landscape, especially email-based threats like phishing, ransomware, and BEC.
- Experience working with Microsoft 365 / Exchange Online Protection (EOP) and Defender for Office 365 is a plus.
- Security certifications such as CompTIA Security+, SSCP, CEH, GIAC, or CISSP.
Key Responsibilities
- Administer, maintain, and optimize Secure Email Gateway platforms (e.g., Mimecast, Proofpoint, Cisco Email Security, Microsoft Defender for Office 365).
- Develop, implement, and fine-tune email filtering policies to block spam, phishing, and malicious content.
- Enforce email security standards and protocols such as SPF, DKIM, and DMARC to protect organizational domains.
- Configure and manage email encryption and data loss prevention (DLP) policies to ensure compliance with regulatory standards (e.g., GDPR, HIPAA, SOX).
- Monitor and respond to email security alerts, perform forensic analysis, and support incident response efforts.
- Collaborate with the SOC and threat intelligence teams to detect, analyze, and respond to targeted phishing campaigns and advanced persistent threats (APTs).
- Generate and deliver regular email threat reports, KPIs, and metrics to stakeholders.
- Conduct ongoing risk assessments and security posture reviews of the email environment.
- Research and stay current on the latest email threat trends, vulnerabilities, and tools.
Preferred Skills
- Scripting skills (e.g., PowerShell, Python) for automation and reporting.
- Experience in a SOC or security operations environment.
- Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, PCI-DSS).
Soft Skills
- Strong analytical thinking and problem-solving skills.
- Effective communication skills, including the ability to explain technical risks to non-technical stakeholders.
- Detail-oriented with the ability to manage multiple priorities in a fast-paced environment.
Role Summary
Senior consultant level professional providing counsel and advice to top management on significant Cyber Security matters often requiring coordination between organizations; focuses on providing thought leadership across multiple disciplines; recognized internally as the go-to person for the most complex assignments in Cyber Security. This position is responsible for complex configuration, documentation, and maintenance of some or all of an organization's information security architecture. This may include the installation and configuration of firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems. The position also ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. The position manages encryption protocols to protect the organization's data as well as management of authentication and access controls. This position recommends architectural changes when intrusions have occurred and monitors the effectiveness of implemented changes. The position monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing. The position provides project management, work direction and troubleshooting for lower level Information Security engineers.
About Evernorth Health Services
Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.
