Cyber Assurance Senior Manager

Let’s create a better future – together. At Cigna, we are seeking security and compliance professionals looking to apply their collective career experiences and be a leader on a team performing impactful work. Cigna offers unique learning opportunities, compelling growth and leadership tracks, flexible work arrangements, and attractive compensation/benefits package. Come join the hundreds of IT and security professionals who play a meaningful role in improving the health, well-being, and peace of mind of those we serve.

You. At your best. Working at Cigna is rewarding â€“ not only are we people focused, you can expect to enjoy:

• Comprehensive health plan options, including medical, dental, and vision
• 401k and employer matching
• At least 23 days of PTO at this level plus paid holidays, caregiver leave, and bought time off
• 8 hours of additional paid time off each year to volunteer in the community
• Company-wide recognition programs
• Reimbursement for educational development opportunities
• Discounts on things that matter to you, like pet insurance

This role is part of Cyber Assurance team within the Cigna Information Protection (CIP) department.  The goal of the Cyber Assurance team is to earn and maintain the trust of those we serve while improving the organization’s cyber security posture through superior assurance services.

As a leader in organization, the Cyber Assurance Sr. Manager will be responsible for managing several assurance efforts, including:

• Controls Reporting (e.g. SOX, SOC 2, HITRUST, PCI)
• Regulatory Compliance Evaluations (e.g. HIPAA, NY DFS, LADMF).
• Cyber Maturity Assessments
• Controls Readiness Assessments
• Other ad-hoc projects

In this role, the Cyber Assurance Sr Manager will be required to:

• Develop strategic goals and tactical steps that align with the team’s mission
• Lead a team of sharp and talented individuals
• Communicate project status and risk to leadership and team members
• Balance business needs and security concerns
• Articulate issues and provide management with options to resolve them
• Improve the efficiency of executing assessments and eliminate duplicative tasks
• Proactively identify changes in IT and regulatory environment and assess compliance impact
• Conduct NIST-based assessments of internal and external systems
• Establish and communicate success/fail criteria of IT controls
• Develop strong relationships with IT process/control owners
• Provide new insight and influence positive change in the control environment
• Actively seek development opportunities for team members.

We partner, collaborate and keep our promises.  Why you should join this team:

• We’re a collection of driven individuals from different backgrounds focused on getting to the best results, and collaborating to do so
• We know that compliance and risk management is serious business, but we have fun too
• We’re dedicated to building knowledge, not just demanding information, creating a culture where our partners know why we do the work we do
• We push the boundaries to ensure we’re always improving the way we work
• We work flexibly to ensure we are available to the team and to meet life’s demands 

We are excited to hear from you if you have…

• Several years of IT audit, IT risk management or IT compliance experience with a Bachelor's Degree in computer related field or equivalent experience (client-facing consulting experience is a plus)
• At least 4 years of experience managing assessment teams responsible for SOC, ISO 27000 and/or HITRUST certification (experience managing virtual and/or offshore resources is a plus)
• Certification in information security and/or audit (CISA, CISSP, CISM, GIAC, or equivalent)
• Demonstrated expertise of the following security and regulatory control frameworks: AICPA TSP-100a, NIST CSF, NIST 800-53, and HIPAA
• Effective leadership skills, including demonstrated ability to coordinate people and teams to project/activity completion, delegation of tasks, and providing constructive feedback to team members
• Polished written and oral communication skills
• Proficiency using Microsoft Office suite
• Experience working in large, complex IT organizations is preferred but not required
• Experience working in the healthcare industry is preferred but not required

This role is WAH/Flex which allows most work to be performed at home. Employees must be fully vaccinated if they choose to come onsite. 

This position is not eligible to be performed in Colorado.

About Cigna

Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you’ll enjoy meaningful career experiences that enrich people’s lives. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.