Cyber Security Senior Advisor (A) - HIH - Evernorth

Cyber Security Senior Advisor (A) - HIH - Evernorth

About Evernorth:
Evernorth Health Services, a division of The Cigna Group (NYSE: CI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people.
Job Description
Cyber Security Senior advisor
Job Objective:
The Information Protection Senior Advisor is responsible for conducting research, conceptualizing, designing, developing, and testing secure technology systems, including on perimeter and cloud-based networks to support to Cigna's Information Protection Middle East and Africa (MEA) team. This role directly supports the MEA Portfolio covering 34x operational entities across 22x countries ensuring that security requirements are adequately addressed safeguarding the protection of sensitive policyholder data, claims information, and financial transactions.
Reporting to the Head of Cyber Security Middle East & Africa, you will develop and enforce security strategies that mitigate cyber threats, protect against fraud, and ensure business continuity in a highly regulated health insurance environment. You will be required to design, implement, and oversee the security infrastructure for our business platforms in accordance with Cigna Information Protection (CIP) security architecture framework.
In this role, you will work closely with CIP Architecture and Engineering, Risk Management, and Compliance teams to build secure architectures that align with internal and regulatory requirements such as SAMA CSF (KSA), ADHICS (UAE), GDPR, HIPAA, and PCI DSS.
Job Description:
13-16 years of experience in a Cyber Security Design and Development role.
Partners with the CIP MEA leadership team to develop a regional strategy and operational plan to deliver CIP shared services to the business.
Perform security reviews using CIP or Industry standards (NIST, ISO etc) to identify gaps in security architecture and controls as part of a MEA cybersecurity risk management plan.
Develop and Integrate cybersecurity designs for systems and networks that require processing of multiple data classification levels
Determine if systems and architecture are consistent with CIP's Secure Baselines and Global Security Architecture Requirements.
Ensure secure third-party vendor integrations (e.g., Fronting Partners, Third Party Administrators, regulatory entities, payment processors and healthcare providers).
Advise on security requirements to be included in statements of work for Cigna or JV partners procuring new technology services.
Determine and Document the impact of new system and interface implementations on the cybersecurity posture of Cigna or a JV partner.
Partners with the business to evaluate and translate functional requirements and integrating security policies into technical solutions.
Performs comprehensive technology research to evaluate potential solutions across cyberspace systems relevant for the MEA region including Joint Venture (JV) partners.
Performs focused risks assessments of existing or new services and technologies, security architecture, identifies design gaps, risks, and recommends enhancements.
Maintains strong working relationships with individuals and groups involved in managing security architecture engineering and technology risks across the organization
Stays abreast of current and emerging security threats and designs security architectures to mitigate them
Skills Needed:
Ability to analyse an organisation's enterprise information technology architecture
Ability to apply secure network architectures and security controls into proposed solutions
Ability to identify cybersecurity or privacy issues in external or partner connections
Ability to design systems and apply security architecture guidelines across On-Premises and Hybrid Cloud environments
Ability to partner with Infrastructure, Cloud and Application architects to perform 'user needs analysis' and 'requirements gathering' for large-scale projects.
Ability to develop a cyber security strategy and input into detail-oriented operational planning including capability development (People, Processes, Technology, Data).
Ability to perform Controls Assurance / Attestation and deliver comprehensive risk treatment plans.
Technical depth and sound knowledge in networking, cloud, desktop, server, storage, software-defined-networking, virtualization and application domains
Proven communication skills, able to write and verbally communicate complex concepts
Proven collaboration skills and can adapt to changing organization changing business needs, technological advances and agile methodology
Self-starter and shows empathy towards business requirements and able to influence changes to facilitate security
Health Insurance or Health Care Industry experience is a plus
Travel required, approximately 10%
Qualifications:
Bachelors or Masters in Cybersecurity, Computer Science, or Information Security.
Qualified candidates will typically have 13+ of professional IT experience work experience, with 8+ years of experience in a security design and development role
CISSP, CISM, CCSP, CRISC or similar certifications required
Expertise in encryption, network security, cloud security, application security and endpoint protection.
Deep knowledge of security risks, data privacy laws, and fraud prevention techniques relevant to Financial Services, FinTech and Health sectors.
Experience in data security standards and best practices for Personally Identifiable Information (PII) and Personal Health Information (PHI)
Experience and working knowledge of NIST, HIPPA, PCI DSS & ISO 27001 certification is a plus
Strong written and spoken English skills, demonstrated ability to communicate at high levels, both verbally and in reporting
Strong work ethic, high drive and ability to focus. High stamina. Shows optimism and determination when facing challenges
Ability to work successfully with a minimum of supervision in a fast paced and sometimes pressured environment

About Evernorth Health Services

Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.