Job Description

Principal Security Architect - ESA Focus

The Principal Security Architect (ESA) is a senior level position responsible for the development and application of the security standards and requirements that comprise and contribute to the enterprise security architecture framework. In addition, this role engages with strategic initiatives Principal Security Architect - ESA Focus, new enterprise solution development, enhanced or optimized use of existing solutions, and the development of processes that aim to better protect the confidentiality, integrity, availability, and privacy of the technology and data of the enterprise.

Job Responsibilities & Requirements:

• Translate business priorities into information security requirements to ensure protections regarding the confidentiality, integrity, availability, and privacy of the enterprise\'s technologies and its data.
• Monitor current and future security trends, changes in the business and business environment, as well as the evolving regulatory landscape and incorporate emerging trends into architecture engagements and strategic planning.
• Produce written technical reports and documentation; develop presentations on security approaches and solutions.
• Maintain a centralized Information Security Architecture data repository that includes reference architectures, security standards, security baselines, and reference material.
• Provide technical and security expertise to IT and business teams with a focus on developing the reference architectures, design patterns and associated security standards that ensure the protection of the corporate assets, brand, and data.
• Responsible for the identification of architectural gaps and inefficiencies in new and existing solutions; support remediation and mitigation efforts through appropriate planning and roadmap development.
• Solid understanding of security protocols, cryptography, authentication, authorization, and security
• Proven ability to influence other key IT and engineering constituents on the opportunity and appropriate use of security patterns and frameworks.
• Strong work ethic and sense of urgency.
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
• Excellent written and verbalcommunication skillsas well as business acumen
• Represent Global Security Architecture as a member of various Centers of Enablement and other working groups, assisting in the development and approval of secure by design solutions.
• Other job duties as assigned.

Preferred Qualifications:

• Certification GIAC Defensible Security Architecture (GDSA) or other security architecture certification.
• Experience in information security and/or IT risk management with a focus on security, performance, and reliability
• Practical experience in the application of security controls in security engineering, design, or developing reference architectures: NIST 800-53r(4/5), ISO 27001 Annex A / ISO 27002, Cloud Security Alliance - Cloud Controls Matrix (CCM v4), Center for Internet Security - Critical Security Controls (v7/8)
• Experience with Zero Trust strategy and deployment
• Solid understanding of services and capabilities delivered by mainstream cloud service providers.
• Familiarity with Security life cycle, design review across concept, development through deployment
• Experience with threat modeling (all 7 layers), security analysis

Required Qualifications

• 7+ years\' experience in information technology experience
• 3+ years\' experience in an information security architectural role
• BA/BS degree in MIS/Computer Science or related degree required.
• Professional Certification/Training such as:

+ Certified Information Systems Security Professional (CISSP)
+ Certified Information Security Manager(CISM)
+ SANS GIAC Certification(s)

Scope and Dimensions:

• Reports to the Sr. Director of Global Security Architecture

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 129,800 - 216,300 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus and long term incentive plan.

We want you to be healthy, balanced, and feel secure. That\'s why you\'ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you\'ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, visit Life at Cigna Group .

About Cigna Healthcare

Cigna Healthcare, a division of The Cigna Group, is an advocate for better health through every stage of life. We guide our customers through the health care system, empowering them with the information and insight they need to make the best choices for improving their health and vitality. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

eQuest