Information Protection Senior Advisor (Product Security – DevSecOps)

Join a high-impact team driving the future of secure healthcare technology. As an Information Protection Senior Advisor, you will enable secure product delivery by embedding automated security solutions across modern development pipelines. You will partner closely with engineering teams to integrate security into every stage of the SDLC, helping protect critical applications while accelerating innovation across the organization.

Responsibilities

Partner with development teams to embed security practices that enable safe, scalable, and high-quality product delivery

Design and implement automated security solutions within CI/CD pipelines to strengthen application security posture

Integrate and optimize application security testing tools (SAST, DAST, SCA, MAST) across multiple development environments

Influence secure architecture decisions by contributing to the design and implementation of modern applications and platforms

Lead security assessments, threat modeling, and vulnerability analysis to proactively identify and reduce risk

Develop and enhance reusable security services, tooling, and automation frameworks that support enterprise-wide DevSecOps maturity

Provide expert guidance to engineering teams on secure development practices and emerging security trends

Strengthen collaboration across cross-functional teams to promote a culture of shared security ownership

Ensure alignment with regulatory and compliance requirements (e.g., HIPAA, PCI-DSS, GDPR) where applicable

Improve security operational efficiency, performance, and cost optimization across application environments

Required Qualifications

8+ years of experience in cybersecurity, with a focus on application or product security

Proven experience integrating and automating security tools in CI/CD pipelines

Strong understanding of secure software development principles and modern SDLC practices

Hands-on experience with application security testing tools (SAST, DAST, SCA, MAST)

Experience designing and implementing security solutions across complex development environments

Familiarity with cloud platforms (AWS, Azure, or Google Cloud) and securing cloud-native applications

Strong interpersonal skills with the ability to influence and collaborate across engineering teams

Demonstrated ability to work effectively in Agile environments

Preferred Qualifications

Experience with security automation and orchestration frameworks

Knowledge of regulatory and compliance frameworks (HIPAA, GDPR, PCI-DSS)

Proficiency in scripting or programming languages such as Python, Java, or Shell

Experience securing applications built with modern technologies (e.g., Java, Angular)

Industry certifications such as CISSP, CISM, CEH, or equivalent

Advanced degree in Computer Science, Information Security, or a related field

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 124,600 - 207,600 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

At The Cigna Group, you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year, paid holidays, and leaves of absence. For more details on our employee benefits programs, click here.

About The Cigna Group

Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we’re dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.

If you need a reasonable accommodation to complete the online application process, please email seeyourself@thecignagroup.com for assistance. Please note that this email inbox is dedicated to accommodation requests only and cannot provide application updates or accept resumes.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.