Information Protection Senior Advisor (Product Security - DevSecOps)

Responsibilities

• Partner with development teams to embed security practices that enable safe, scalable, and high-quality product delivery
• Design and implement automated security solutions within CI/CD pipelines to strengthen application security posture
• Integrate and optimize application security testing tools (SAST, DAST, SCA, MAST) across multiple development environments
• Influence secure architecture decisions by contributing to the design and implementation of modern applications and platforms
• Lead security assessments, threat modeling, and vulnerability analysis to proactively identify and reduce risk
• Develop and enhance reusable security services, tooling, and automation frameworks that support enterprise-wide DevSecOps maturity
• Provide expert guidance to engineering teams on secure development practices and emerging security trends
• Strengthen collaboration across cross-functional teams to promote a culture of shared security ownership
• Ensure alignment with regulatory and compliance requirements (e.g., HIPAA, PCI-DSS, GDPR) where applicable
• Improve security operational efficiency, performance, and cost optimization across application environments
• Required Qualifications
• 8+ years of experience in cybersecurity, with a focus on application or product security
• Proven experience integrating and automating security tools in CI/CD pipelines
• Strong understanding of secure software development principles and modern SDLC practices
• Hands-on experience with application security testing tools (SAST, DAST, SCA, MAST)
• Experience designing and implementing security solutions across complex development environments
• Familiarity with cloud platforms (AWS, Azure, or Google Cloud) and securing cloud-native applications
• Strong interpersonal skills with the ability to influence and collaborate across engineering teams
• Demonstrated ability to work effectively in Agile environments

Requirements

• Experience with security automation and orchestration frameworks
• Knowledge of regulatory and compliance frameworks (HIPAA, GDPR, PCI-DSS)
• Proficiency in scripting or programming languages such as Python, Java, or Shell
• Experience securing applications built with modern technologies (e.g., Java, Angular)
• Industry certifications such as CISSP, CISM, CEH, or equivalent
• Advanced degree in Computer Science, Information Security, or a related field
• If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.
• For this position, we anticipate offering an annual salary of 124,600 - 207,600 USD / yearly, depending on relevant factors, including experience and geographic location.
• This role is also anticipated to be eligible to participate in an annual bonus plan.
• About The Cigna Group
• If you need a reasonable accommodation to complete the online application process, please email seeyourself@thecignagroup.com for assistance. Please note that this email inbox is dedicated to accommodation requests only and cannot provide application updates or accept resumes.
• The Cigna

Benefits

Additional Information

Join a high-impact team driving the future of secure healthcare technology. As an Information Protection Senior Advisor, you will enable secure product delivery by embedding automated security solutions across modern development pipelines. You will partner closely with engineering teams to integrate security into every stage of the SDLC, helping protect critical applications while accelerating innovation across the organization.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Cigna? Share your experience