IT Security Compliance Senior Manager

About the job

The Information Protection Sr. Manager role is responsible for managing Cigna’s Commercial and Government lines of business’ IT regulatory compliance team. This includes identification and documentation of key controls, development of test strategies and test plans, review of testing results and remediation of identified control deficiencies. This role will work closely with Information System Experts, Infrastructure, Development and Project Management teams to help ensure technology regulatory compliance and continued process improvements.

The position is in the Global Security Assurance Team (GSAT), in the Cigna Information Protection (CIP) department. CIP is responsible for managing information security, including security risk management, for the organization. The GSAT team is responsible for security assurance-related activities associated to Cigna’s government, commercial and international lines of business. This includes alignment with HIPAA and state regulatory requirements.

Essential Functions

• Leads a team conducting NIST-based assessments of internal and external systems
• Identifies, documents and maintains in-scope applications, locations and IT controls
• Develops strong relationships with IT process/control owners
• Establishes and communicates success/fail criteria of IT controls
• Proactively identifies changes in IT environment and assesses compliance impact
• Identifies weaknesses in internal controls and opportunities to enhance operational efficiencies
• Manages control remediation activities
• Monitors on-going regulatory compliance for IT controls
• Provides consultative advice to information security customers that enables them to make informed risk management decisions
• Facilitates work with external business partners when necessary
• Assesses impact of changes in the regulatory landscape
• Performs readiness reviews
• Optimizes processes for testing and reporting on effectiveness of IT controls
• Assists project teams in the implementation of security measures to meet corporate security policies and external regulations
• Weighs business needs against security concerns and articulate issues and options to management
• Maintains appropriate security documentation for applications and systems
• Ensures that user community understands and adheres to necessary procedures to maintain security
• Effectively manages multiple competing priorities
• Develops management reports
• Develops insights and influence positive change in the control
• Produces high-quality deliverables
• Performs special projects as required by management

Qualifications

• Several years of IT audit, IT risk management or IT compliance experience with a Bachelor’s Degree in computer related field or equivalent experience (Big 4 experience highly preferred)
• A few years of experience in Information Security Management
• Strong knowledge of cyber controls regulations such as HIPAA
• Has a ‘can do’ positive attitude
• Strong proficiency in MS Office
• Excellent organizational skills and ability to communicate with internal/external entities and executives a must
• Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities
• Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve
• Certification in information security and/or audit (CISA, CISSP, CISM, GIAC, or equivalent) preferred

This role is WAH/Flex which allows most work to be performed at home. Employees must be fully vaccinated if they choose to come onsite.

For this position, we anticipate offering an annual salary of $125,300 – $208,900, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

Helping our customers achieve healthier, more secure lives is at the heart of what we do. While you take care of our customers, we’ll take care of you through a comprehensive benefits program that helps you be at your best. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and best in class well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and dozens of corporate discounts on essentials you use every day. For more details on our employee benefits programs, please visit the “Life at Cigna” tab on our careersite: www.cigna.com/careers

About Cigna

Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you’ll enjoy meaningful career experiences that enrich people’s lives. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: [email protected] for support. Do not email [email protected] for an update on your application or to provide your resume as you will not receive a response.