Information Protection Senior Advisor - US Medical BISO

Job Objective:

The Cigna Group Information Protection is looking for an experienced Information Security professional to play a key role for the US Medical BISO office.

This role will work with the business to identify security needs and guide them towards effective implementation of applicable standard and approved solutions.

Additionally, will provide the following: work with the business and subject matter experts to determine acceptable alternative solutions where the standard solutions will not work; ensure leadership has visibility into their risk posture and has resolved, mitigated or accepted any identified information security gaps or risks.

This position will help to ensure that the overall security posture of the assigned business area complies with all enterprise Privacy and information security guidelines and policies.

Job Description:

Primary liaison between Business Partners and Security Partners

Provide a comprehensive and business specific cybersecurity posture

Integrate with the business to collaborate, advise and influence activities with cyber riskImplications

Drive business and cyber risk strategy alignment

Assist in the implementation and translation of information security requirements

Facilitate Cyber Risk Management processes

Facilitate process to raise awareness and insights into overall security posture


* Maintain strong working relationships with individuals and groups involved in managing information risks across the organization


* Partner with The Cigna Group and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers


* Manage remediation oversight activities that burn down information security risks


* Stay abreast of current and emerging security threats and security architectures to mitigate the threats


* Obtain and track Key Risk Indicators [KRI's] and metrics

Skills Needed:


* Health Insurance or Health Care Industry experience preferred


* Ability to multitask and timely execute


* Ability to grasp and understand complicated relationships


* Proven Communication skills, able to write and verbally communicate effectively


* Organizational courage to escalate and resolve risk issues


* Flexible can adapt to changing organization changing business needs, technological advances and agile methodology


* Demonstrates technical skills in infrastructure, application and third-party security assessments.


* Self-starter and shows empathy towards business requirements and able to influence changes to facilitate security


* Experience with assessing and mitigating risk

Qualifications:


* 5 plus years' experience with broad high-level knowledge, hands-on experience, and exposure to a wide range of IT subject areas, business, IT & physical controls


* BS degree or equivalent experience


* CISSP, CISA, CISM, CRISC or similar certifications preferred


* Strong writ...