Cigna-Evernorth Services Inc. seeks an Information Protection Advisor for the Bloomfield, CT location to identify, evaluate, and lead technical security analyses to ensure that all systems and processes meet applicable information security requirements.
Responsibilities:
• Embed security assessments into development and operational workflows to support continuous compliance.
• Provide in-depth technical analysis of security requirements to protect information processed, stored, or transmitted across systems.
• Collaborate with engineering teams to ensure secure design and implementation throughout the system lifecycle.
• Partner with internal stakeholders to define security requirements and assess the feasibility of implementing scalable security controls.
• Promote the integration of security into development and operational practices to support secure-by-design principles.
• Conduct comprehensive security assessments of third-party service providers and outsourced solutions.
• Evaluate their security posture and ensure alignment with organizational standards and industry best practices, including supply chain risk considerations.
• Design and implement streamlined, automated security processes that enhance the efficiency and effectiveness of security controls.
• Apply creative problem-solving and strategic thinking to improve security posture while enabling business agility.
• Provide strategic security guidance to cross-functional teams and leadership.
• Serve as a thought leader in secure development and operations practices, aligning security initiatives with broader business goals and fostering a culture of shared responsibility for security.
• Hybrid work schedule.
Qualifications:
• Bachelor's degree in Computer Science or related field and 2 years of experience.
• Must have experience with: Automating Security solutions in a CI/CD pipeline;
• Integrating technologies including Checkmarx, BlackDuck, & NowSecure, via scripts and triggers;
• Static application security testing (SAST) using Checkmarx;
• Dynamic application security testing (DAST) using RedHat ACS, BlackDuck, & PrismaCloud;
• Application security posture management using Apiiro;
• False positive triage automation;
• SBOM Evaluation; Python-based bots for troubleshooting and bulk updates;
• Ansible playbooks for integration and migration tasks;
• CI/CD tools including Azure DevOps and Jenkins;
• Docker container security practices; Authentication and Authorization design;
• Vulnerability management; Integrating security into design and implementation phases; and,
• Referencing security standards including ISO27001, SOC 2 Type II, Open-Source Licensing.
If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.
For this position, we anticipate offering an annual salary of 103,100 - 171,900 USD / yearly, depending on relevant factors, including experience and geographic location.
This role is also anticipated to be eligible to participate in an annual bonus plan.
At The Cigna Group, you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year, paid holidays, and leaves of absence.