Head of Security

Responsibilities
• Manage all external local client and regularity engagements including fielding queries, regulatory & compliance submissions in conjunction with matrix Cigna Information Protection Shared Service Partners and governance stakeholders, legal, compliance and data privacy.
• Lead localized Controls Assurance activities, define and track effectively control testing and remediation risks for local business line. Coordinate Shared Service benchmarking exercises (NIST etc.) using Cigna Information Protection standards.
• Leverage the Enterprise Risk Management framework, perform focused localized risk assessments of existing or new services and technologies in line with policies and standards, and manage the risk exceptions process. Develop residual risk registers and integrate into Shared Service Integrated Risk Management Framework.
• Coordinate the local delivery of global Cyber & Privacy portfolio risk mitigation projects and programs into business line / region. Conversely feed the portfolio by registering local business line residual risk outputs driving controls mitigation activity.
• Evolve Cigna Information Protection security policies and processes, aligning to local business requirements and operate the policy exceptions management process. Coordinate security education & awareness initiatives in line with policy framework, integrate with the Shared Service overall thematic awareness program.