Information Protection Associate Advisor - HIH - Evernorth

ABOUT EVERNORTH:

Evernorth℠ exists to elevate health for all, because we believe health is the starting point for human potential and progress. As champions for affordable, predictable and simple health care,
we solve the problems others don’t, won’t or can’t.

Our innovation hub in India will allow us to work with the right talent, expand our global footprint, improve our competitive stance, and better deliver on our promises to stakeholders. We are passionate about making healthcare better by delivering world-class solutions that make a real difference.

We are always looking upward. And that starts with finding the right talent to help us get there.

Position Summary:

We are looking for a highly skilled Information Protection Associate Advisor to join our team, focusing on automation engineering initiatives to drive efficiency and reducing manual effort across the organization. In this role, you will work directly interact with application or product teams and cross-functional teams to identify automation opportunities, design and deliver scalable, resilient, and secure solutions that optimize our internal processes and support Cigna’s overarching security goals. You will involve in the design, development, enhancement, and maintenance of Cyber security initiatives like intake system, automating workflows. This individual will contribute to major technology initiatives aimed at revolutionizing health services and the ability to influence security tools integrations within the healthcare delivery system working from HIH.

Experience Required:

• 8 - 11 years of experience in cybersecurity, with a focus on application and product security
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Strong understanding of Object-Oriented Programming (OOP), Design Patterns, Data Structures, and Web Standards.
• Hands-on development experience with Java or NodeJS or Python.
• Strong experience developing RESTful web services, Event-Driven Architecture and caching frameworks.
• Experience with Java/Spring Boot or NodeJS, React frameworks.
• Experience working with SQL and NoSQL databases.
• Proven expertise in automating security solutions within development pipelines (CI/CD)
• Experience in integration of security testing and compliance checks into build workflows (GitHub Actions, GitLab, CI/CD, Jenkins, ArgoCD, Tekton)
• Collaborate with development teams to implement secure coding best practices.
• Develop and maintain security policies, procedures, and documentation and adhere to the Enterprise standards.
• Strong understanding of various pipeline touchpoints and integration methods.
• Cloud experience (AWS, Azure, Google Cloud), Containers, and Kubernetes is highly desirable.
• Strong knowledge of secure software development practices and principles.
• Ability to work effectively in an Agile environment.
• Expertise in API development for automation and workflow integrations (eg. ASPM Orchestrator and developer reporting platform)
• Extensive experience with development, DevSecOps, and build automation tools such as Jenkins, Maven, GitHub, GitLab, IDEs, Docker, Kubernetes, OpenShift, Java, JavaScript, Node.js, Python, Shell Scripting, and MySQL or other database management tools.
• Development Experience in Jira, ServiceNow, Onspring

Job Description & Responsibilities:

• This stream covers all the automation needs to improve efficiency and reduce manual effort across Cyber security teams.
• Identify key security and risk management processes that can be automated for efficiency.
• Review and analyze system integrations between security assessment tools and centralized risk platform.
• Collaborate with development and security teams to ensure automation aligns with org compliance and exception management requirements.
• Continuous assessment of existing manual and automated workflows to enhance effectiveness and reduce operation overhead.
• Proven experience in medium-to-large-scale web development projects.
• Ability to develop across the full technology stack, from front-end to back-end.
• Skilled in designing and developing next-generation RESTful APIs and event-driven services within a distributed architecture.
• Experience working in Agile development teams and adhering to Agile methodologies.
• Assist with tool selection for security and risk management processes that can be automated for efficiency.
• Review data mapping for system integrations between security assessment tools and centralized risk platform.

Experience Desired:

• Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS).
• Hands-on experience with security automation and orchestration.
• Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Ansible, Shell scripting), Cloud and Kubernetes.
• Good knowledge of Sec Arch, Vulnerability Management, Cloud Security, and ASPM tools.
• Ability to manage and prioritize multiple projects in a fast-paced environment.

Education and Training Required:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.

Why Join Us?

• Contribute to a high-impact security automation initiative at a strategic level.
• Work with cutting-edge security and cloud technologies.
• Collaborate with top security and engineering teams to drive automation and efficiency.

About Evernorth Health Services