Application security is an important aspect of Information Technology at Evernorth Services, and we are increasing our capabilities with new opportunities in the Software Engineering department.
Evernorth Information Security Analysts (ISAs) are a key part of the Secure Software Development Life Cycle (SSDLC) process, assisting software application development teams with:

• Understanding and practicing SSDLC process to deliver security hardened applications.
• Facilitating Application Security Engineering engagements for security design, development, testing, and vulnerability remediation assistance.
• Creating Solution Architecture Agile diagramming for Threat Assessments
• Identifying and refining application security compliance and hardening product requirements.
• Facilitating project readiness for GRC (Governance, Risk, and Compliance) reviews and audit testing (Pen Tests).
• Developing, delivering, and administrating security coding best practices and SSDLC process training program.

The Software Engineering Application Security Practices team is seeking an Information Security Analyst with capabilities in planning and implementing security measures to harden web and mobile applications. ISAs will stay current on the organization's SSDLC process and application security best practices and requirements to promote security with engaged development teams.

This role works closely with Agile project management, application development, security testing, and Cigna Information Protection (CIP) teams.

RESPONSIBILITIES

ISAs are responsible for facilitating and accelerating security hardened software development and delivery.

• Acts as a point of contact for assigned projects and initiatives within the department.
• Works closely with program and project management to identify new projects and prioritizations.
• Ensure proper assignment and real-time status of project security project tasks and requirements.
• Help identify and escalate impediments and solutions as required.
• Organize and facilitate security reviews.
• Assist with coordinating and facilitating application security acceptance testing.
• Develop, maintain, and administrate online and interactive training programs.
• Train, assist, and mentor development team leads for SSDLC practice.
• Develop and maintain SSDLC compliance performance metrics and reporting.
• Other assignments as required.

ESSENTIAL FUNCTIONS

• Assist in the definition, execution, training, and promotion of the organization's Secure Software Development Life Cycle Process (SSDLC)
• Ensure compliance with organizational security standards, procedures, and guidelines
• Enable risk related discussions to business partners. Engage business partners in the development of security goals.
• Ability to work independently with minimal direct supervision.
• Develop professional proficiency through independent self-improvement and by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.

PREFERRED QUALIFICATIONS

• Preferred professional certifications: (ISC)2, PMI/ITIL, Business Analyst
• 3+ years Business Analyst experience creating system design UML diagrams and writing requirements with Gherkin test acceptance criteria.
  1+ years Agile software development team experience
• Demonstrated problem solving skills and the ability to work collaboratively with other departments to resolve issues.
• Ability to handling multiple priorities; communicate with individuals at all levels of an organization.
• Demonstrated ability to work independently, prioritize and manage work load, and meet project deadlines.
• Skills: Proficiency
  • Office Applications: Intermediate
    • MS Word, MS Excel (including graphing), MS Outlook, MS PowerPoint
    • Content Sharing Wikis (e.g. Atlassian Confluence, MS SharePoint)
  • Meeting Facilitation: Intermediate
    • Presentation/Events (e.g. WebEx hosting, MS OneNote)
  • Architecture & Design Diagraming: Basic
    • UML diagramming (e.g. draw.io, Visio)
  • Agile Project management: Basic
    • Project management using ticketing software (e.g. Jira)
    • MS Project: WBS
  • Computer Programming: Beginner familiarity
    • Programming language such as Java, JavaScript, Go, or Python.
    • Git
    • HTML

This role is WAH/Flex which allows most work to be performed at home. Employees must be fully vaccinated if they choose to come onsite.

For this position, we anticipate offering an annual salary of $89,300 - $148,800, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

Helping our customers achieve healthier, more secure lives is at the heart of what we do. While you take care of our customers, we'll take care of you through a comprehensive benefits program that helps you be at your best. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and best in class well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and dozens of corporate discounts on essentials you use every day. For more details on our employee benefits programs, please visit the "Life at Cigna" tab on our careersite: www.cigna.com/careers

About Evernorth

Evernorth, Cigna Corporation's health services segment, exists to elevate health for all. We're building on our legacy and redefining health care as we know it. Unbiased in how we think, we create without limitation. We partner without constraints, deliver value differently and act in the interest of humanity. Solving across silos, closing gaps in care, and empowering clients, customers, and people everywhere to move onward and upward. When you work with us, you'll be empowered to solve the problems others don't, won't or can't. Join us. What difference will you make?

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: [email protected] for support. Do not email [email protected] for an update on your application or to provide your resume as you will not receive a response.