Information Protection Senior Advisor (Product Security - DevSecOps)

Join a high-impact team driving the future of secure healthcare technology. As an Information Protection Senior Advisor, you will enable secure product delivery by embedding automated security solutions across modern development pipelines. You will partner closely with engineering teams to integrate security into every stage of the SDLC, helping protect critical applications while accelerating innovation across the organization.

Responsibilities

• Partner with development teams to embed security practices that enable safe, scalable, and high-quality product delivery
• Design and implement automated security solutions within CI/CD pipelines to strengthen application security posture
• Integrate and optimize application security testing tools (SAST, DAST, SCA, MAST) across multiple development environments
• Influence secure architecture decisions by contributing to the design and implementation of modern applications and platforms
• Lead security assessments, threat modeling, and vulnerability analysis to proactively identify and reduce risk
• Develop and enhance reusable security services, tooling, and automation frameworks that support enterprise-wide DevSecOps maturity
• Provide expert guidance to engineering teams on secure development practices and emerging security trends
• Strengthen collaboration across cross-functional teams to promote a culture of shared security ownership
• Ensure alignment with regulatory and compliance requirements (e.g., HIPAA, PCI-DSS, GDPR) where applicable
• Improve security operational efficiency, performance, and cost optimization across application environments

Required Qualifications

• 8+ years of experience in cybersecurity, with a focus on application or product security
• Proven experience integrating and automating security tools in CI/CD pipelines
• Strong understanding of secure software development principles and modern SDLC practices
• Hands-on experience with application security testing tools (SAST, DAST, SCA, MAST)
• Experience designing and implementing security solutions across complex development environments
• Familiarity with cloud platforms (AWS, Azure, or Google Cloud) and securing cloud-native applications
• Strong interpersonal skills with the ability to influence and collaborate across engineering teams
• Demonstrated ability to work effectively in Agile environments

Preferred Qualifications

• Experience with security automation and orchestration frameworks
• Knowledge of regulatory and compliance frameworks (HIPAA, GDPR, PCI-DSS)
• Proficiency in scripting or programming languages such as Python, Java, or Shell
• Experience securing applications built with modern technologies (e.g., Java, Angular)
• Industry certifications such as CISSP, CISM, CEH, or equivalent
• Advanced degree in Computer Science, Information Security, or a related field

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 124,600 - 207,600 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

At The Cigna Group, you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year, paid holidays, and leaves of absence. For more details on our employee benefits programs, click here.

About The Cigna Group

Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we're dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you need a reasonable accommodation to complete the online application process, please email seeyourself@thecignagroup.com for assistance. Please note that this email inbox is dedicated to accommodation requests only and cannot provide application updates or accept resumes.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.