Remote, Work from home, United States
COMPANY and ROLE:
Cigna Corporation (NYSE: CI) is a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. We offer an integrated suite of health services through Cigna, Evernorth, Express Scripts, and our affiliates, including medical, dental behavioral health, pharmacy, vision, supplemental benefits, and other related products. Together, with our employees around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation.
With the Cigna Corporation, you'll enrich people's lives and work together to fulfill our mission of making the world a healthier place. What difference will you make?
The Managing Director of Cyber Security Architecture and Engineering is an executive position in Cigna's Information Protection organization, providing oversight for the cyber security architecture and engineering portfolio on a global scale. As a business driven organization, this highly visible leadership role is responsible for helping to transform the organization's structure, talent, technology and processes to effectively manage risk, while remaining current with the evolving threat landscape. Having the ability to develop strong relationships with business leaders across the enterprise is a critical component to the success of the individual chosen to lead this function.
The Managing Director of Cyber Security Architecture and Engineering leverages a "defense in depth" framework as the guiding principle and actively contributes to the Enterprise CISO Council (ECC) leveraging best practices and helping to improve the overall cyber maturity and posture across the enterprise. This role reports directly to the SVP, Chief Information Security Officer (CISO) and requires daily strategic partnership with Cigna's Deputy Chief Information Security Officer's (DCISO's) and CIP Shared-Services Leaders.
- Leads the overall direction and strategy of the Cyber Security Architecture and Engineering function in collaboration with the ECC and the enterprise and Information Protection leadership team.
- Possesses hands-on experience in designing for both small and large-scale solutions with an emphasis on security and performance.
- Displays hands on approach, leading engineers to deliver code and functional capabilities in security architecture, engineering and operations. Coordinates with project team comprised of multiple technical disciplines, including developers, subject matter experts, database administrators, system administrators, and system architects to implement and maintain enterprise-level information technology applications.
- Determines security product and architecture currency - Remains relevant to evolving threat landscape and responds swiftly to mitigate exposure to new threats and vulnerabilities.
- Accountable for the end-to-end security technology posture, including end-point, network, mail, perimeter, etc.
- Provides insights and guidance to the Cyber Security Department, Global Security Operations Center (G-SOC), Incident Response, Security Solution Engineering, and Governance & Project Delivery teams.
- Technical depth and working knowledge in networking, desktop, server, storage, software-defined-networking, virtualization and application domains.
- Technical knowledge of Data Loss Prevention (network and endpoint DLP), Intrusion Detection and Prevention Systems (IDS/IPS), Firewalls, Heuristics, Sandboxing, Web App Firewalls, MDM, Endpoint Protection, Distributed Denial of Service (DDoS) protection, SIEM, Encryption techniques (at rest and in flight).
- Leads strategic technology planning to achieve business goals, including the ability to articulate ideas to both technical and non-technical groups, and business case justifications for technology and security spending initiatives.
- Establishes and maintains a strong partnership with technology peers, enterprise risk management, privacy, audit and other leaders throughout the business to support the development and implementation strategies that adhere to the enterprise risk tolerance. The security team will need to anticipate technology shifts that keep peer organizations competitive, yet drive these innovated solutions without compromising the security posture.
- In conjunction with other cyber and technology leaders, develops, implements and maintains department policies and standards designed to maximize effectiveness and minimize costs related to the acquisition, implementation and operation of enterprise applications and infrastructure systems in a secure manner.
- Maintains a constructive, team-oriented and customer-focused attitude at all times and in all settings.
- Recruits and develops talent that will drive the organization to higher performance.
- This role is accountable to maintain technical compliance to regulations, standards, and certifications such as SOC1/2, SOX, data privacy, PCI and HIPPA.
- Bachelor's degree is required; an MBA desirable. CISSP and/or other security certifications are desirable.
- 10+ years of professional experience including security, infrastructure and/or application leadership experience.
- 7+ years of enterprise architecture and engineering management experience leading productive, high functioning teams.
- Knowledge involving the development of multi-tier and cross-platform architecture plans, as well as security frameworks and standards such as NIST, ISO, HTRUST, COBIT, ITIL, FIPS (common criteria).
- Understanding of regulatory standards such as HIPPA and PCI DSS.
- Understanding of risk management life cycles including technical depth and working knowledge in cloud, networking, desktop, server, storage, software-defined-networking, virtualization and application domains.
- Technical knowledge of security systems including Data Management, Data Leakage Prevention, Intrusion Detection and Prevention Systems, Firewalls, Heuristics, Identity and Access Management, Endpoint Protection, Firewalls, and Encryption techniques (at rest and in flight).
- Strong relationship skills - - The ability to build trusted, productive partnerships between technology, business leaders and external partners is a must.
- Agility in dealing with a constantly changing business environment and areas of ambiguity.
- Energy, focus & stature to excel - strong leadership presence, (possess stature) prominence in the industry and can rally people in a multi-site operational structure. Strong work ethic and a high drive and focus. Demonstrates optimism and determination when facing challenges.
This role is WAH/Flex which allows most work to be performed at home. Employees must be fully vaccinated if they choose to come onsite.
This position is not eligible to be performed in Colorado.
Cigna Corporation exists to improve lives. We are a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. Together, with colleagues around the world, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation. When you work with us, or one of our subsidiaries, you'll enjoy meaningful career experiences that enrich people's lives. What difference will you make?
Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.
If you require reasonable accommodation in completing the online application process, please email: for support. Do not email for an update on your application or to provide your resume as you will not receive a response.