Cyber Security Assosciate Principal

About Evernorth: Evernorth Health Services, a division of The Cigna Group (NYSE: CI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people. Cyber Security Associate Principal Position Summary: We are seeking a highly skilled and experienced Associate Principal of Cyber Security Engineering to lead our Application and Product Security initiatives. This role is integral to our efforts in automating security solutions within our development pipelines and ensuring the highest levels of security across our products and applications. Provides hands on Security engineering and leadership for our Delivery teams. This individual will be working on several of the largest Technology initiatives for Evernorth targeted at revolutionizing Health Services and Healthcare Delivery system in the United States. The solution focuses on enabling this change through the use of the latest technologies and development techniques. Job Description & Responsibilities: Lead and manage the cybersecurity software engineering team focused on application and product security. Design, develop, and implement automated security solutions to integrate into our CI/CD pipelines. Provide architectural guidance and leadership in the development and implementation of secure software and systems. Collaborate with cross-functional teams to identify security requirements and develop security strategies. Conduct security assessments, threat modelling, and vulnerability analysis to ensure robust security measures are in place. Develop and maintain security testing services and tools to support secure development practices. Stay abreast of the latest security trends, threats, and technologies to continuously improve our security posture. Foster strong communication and relationship-building skills to negotiate and influence across various levels of the organization. Ensure compliance with industry standards and regulatory requirements. Mentor and develop team members, promoting a culture of continuous learning and improvement. Maximize the security efficiency (operational, performance, and cost) of the application assets. Experience Required: 16-18 years of experience in cybersecurity, with a focus on application and product security Bachelors or masters degree in computer science, Information Security, or a related field. Proven expertise in automating security solutions within development pipelines (CI/CD) Strong understanding of various pipeline touchpoints and integration methods. Cloud experience (AWS, Azure, Google Cloud) is highly desirable. Familiarity with modern security technologies, practices, and standards. Strong knowledge of secure software development practices and principles. Industry certifications such as CISSP, CISM, CEH, or similar are preferred. Excellent leadership and team management skills. Strong communication, relationship-building, and negotiation skills. Ability to work effectively in an Agile environment. Experience Desired: Experience with security tools and platforms such as static analysis (SAST), dynamic analysis (DAST), and runtime application self-protection (RASP). Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS). - Hands-on experience with security automation and orchestration. Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Shell scripting). Ability to manage and prioritize multiple projects in a fast-paced environment. Education and Training Required: College degree (Bachelor) in related technical/business areas or equivalent work experience. Industry certifications such as PMP, Scrum Master, or Six Sigma Green Belt Additional Skills: Exposure to AWS

Location: hyderabad, IN

Posted Date: 11/22/2024