Evernorth BISO Principal

About The Position

Requirements

• Education: BA/BS in business or technical field; MBA preferred but not required
• Experience: Minimum 10+ years in Information Security/Cybersecurity with ability to translate technical controls into business terms
• Minimum 5+ years in cyber leadership roles within Fortune 500 organizations
• Proven ability to influence and lead matrix teams; strong business acumen and global cultural awareness
• Implementation-level knowledge of security standards and frameworks (ISO, NIST, PCI-DSS, FedRAMP)
• Healthcare or Health IT required; Insurance & Financial Services preferred
• If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

Nice To Haves

• Certifications: CISSP, CISM, or equivalent preferred
• Familiarity with GRC tools and workflow management systems

Responsibilities

• Strategic Leadership & Business Alignment Understand business strategy and anticipate cyber risk impacts; integrate security into business planning Champion enterprise cybersecurity initiatives, including multi-year Pharmacy Security Program & risk mitigation tied to the threat landscape
• Risk Management & Governance Parter with the CIP Governance, Risk, and Compliance team to embed risk management into the delivery lifecycle & layered defence model Develop and maintain organizational-wide cyber risk views in collaboration with CIP, Audit, Compliance, ERM, Legal, and Privacy Ensure adherence to CIP standards and frameworks (ISO/IEC 27001/27002, NIST CSF, PCI-DSS) and management of policy exceptions
• Operational Execution Partner with the Strategic Delivery Office to ensure delivery of global Cyber & Privacy risk mitigation programs for Pharmacy & Care Influence secure coding and DevSecOps practices into Agile pipelines to minimize vulnerabilities Ensure visibility into incident response, regulatory reporting, and forensic investigations in partnership with the CIP Global Threat Management team
• Stakeholder Engagement & Communication Provide localized risk and vulnerability reporting to business governance forums for data-driven decisions Partner with Global Architecture teams to implement standard security solutions and feed local requirements into global roadmaps
• Change & Integration Partner with the Cyber Mergers and Acquisitions team to integrate new companies securely

Benefits

• At The Cigna Group, you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health.
• Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs.
• We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays.