Information Protection Senior Advisor - (Cloud Vulnerability Management)
External | Full-time | On-site | 3d ago
Application Security, AWS, Azure, CI/CD, CircleCI, Cloud Security
Responsibilities
- Lead the strategy and continuous evolution of a best-in-class cloud vulnerability management program, advancing automation, analytics, and risk-based prioritization to improve detection and remediation outcomes
- Design and implement scalable strategies, workflows, and procedures for identifying, assessing, prioritizing, remediating, and reporting vulnerabilities across public and private cloud environments
- Partner with cloud architecture, engineering, and application development teams to maintain comprehensive visibility into vulnerabilities and drive timely risk reduction across large-scale cloud environments
- Integrate security best practices and governance into cloud development processes, enabling secure-by-design development and DevSecOps adoption
- Deliver and continuously enhance vulnerability and remediation metrics, using KPIs to demonstrate program effectiveness, reduce risk, and drive accountability
- Develop and execute integration and automation strategies across multiple vulnerability management and cloud security toolsets
- Perform risk-based technical assessments to evaluate exposure and recommend mitigation strategies
- Monitor security alerts and advisories and coordinate cross-functional response to ensure vulnerabilities are properly addressed
- Analyze vulnerability data to identify trends, emerging risks, and opportunities to strengthen security posture
- Translate technical risks into clear, business-aligned insights, effectively communicating urgency and impact to technical and non-technical stakeholders
- Lead cross-functional discussions, build consensus, and influence stakeholders across engineering and business teams to accelerate remediation outcomes
- Communicate program status, priorities, risks, and progress to leadership and key stakeholders, including accomplishments, blockers, and next steps
- Stay current on emerging threats, vulnerabilities, and industry best practices to continuously improve program effectiveness
Required Qualifications
- 5+ years of experience in information security, vulnerability management, cloud security, DevSecOps, or a related field
- Hands-on experience with cloud vulnerability and security tools such as Wiz, Prisma Cloud, TwistLock, Aqua, StackRox (Red Hat ACS), Cloud Conformity, Tenable, or similar
- Experience securing cloud environments across AWS, Azure, Google Cloud Platform, and other major cloud providers (e.g., OCI, Alibaba)
- Strong knowledge of DevSecOps practices, including container security, Docker, and Kubernetes
- Experience integrating security into CI/CD pipelines and the software development lifecycle (SDLC)
- Proven ability to perform risk-based vulnerability assessments and communicate impact to technical and non-technical stakeholders
- Experience developing automation to improve security operations and remediation efficiency
- Strong understanding of security frameworks, risk models, and industry best practices
- Demonstrated ability to operate in a complex, matrixed environment, leading initiatives, influencing stakeholders, and driving outcomes
- Strong analytical, problem-solving, and communication skills
Requirements
- Bachelor's degree in Information Security, Computer Science, or a related field
- Experience with application security testing tools (SAST, DAST, IAST, SCA)
- Familiarity with programming languages such as Python, Java, or JavaScript
- Experience with CI/CD tools such as Jenkins, GitLab CI/CD, or CircleCI
- Experience in a regulated industry such as healthcare, financial services, or government
- Relevant certifications such as CISSP, CISM, or similar
- If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.
- For this position, we anticipate offering an annual salary of 124,600 - 207,600 USD / yearly, depending on relevant factors, including experience and geographic location.
- This role is also anticipated to be eligible to participate in an annual bonus plan.
Benefits
- Health insurance
- Dental insurance
- Vision insurance
- 401(k)
- Performance bonus
Additional Information
Are you passionate about strengthening cloud security at scale? This role leads the strategy and technical evolution of the enterprise cloud vulnerability management program, driving secure-by-design practices and measurable risk reduction across a complex, multi-cloud environment. You will partner across engineering, architecture, and security teams to integrate security governance into cloud development processes and ensure vulnerabilities are identified, prioritized, and remediated effectively.
Worked at Cigna? Share your experience