Cyber Security Associate Advisor - HIH - Evernorth at Cigna Healthcare

Hyderabad, Telangana, India -

Full Time

Start Date

Immediate

Expiry Date

31 May, 26

Salary

0.0

Posted On

02 Mar, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Offensive Security, Red Team Operations, Adversarial TTPs, Social Engineering, Application Manipulation, Python, PowerShell, Bash, C/C++, C#, Command and Control Frameworks, Cloud Platforms, Active Directory Exploitation, Web Application Exploitation, Exploit Development, Reverse Engineering

Industry

Hospitals and Health Care

Description

Cyber Security Associate Advisor - HIH - Evernorth Position Summary: A successful Red Team member should possess a deep understanding of information security and computer science paired with experience executing highly technical offensive assessments. They should understand advanced red and purple team campaign concepts such as performing social engineering and covert operations against complex networks while remaining entirely undetected, advanced application manipulation, and basic programming concepts. They should be able to improve the overall detection and response capabilities of the organization by understanding adversarial TTPs, developing engagements that emulate specific threat actors of concern, and engaging with the Blue Team during and post engagement. At Cigna, you’ll be working with some of the best experts in the industry and faced with complex problem-solving opportunities daily. We help protect some of the most sensitive and valuable data for millions of members throughout the world and red teaming is critical to validating our global security posture. You are expected to quickly assimilate new information as you will face new environments across the globe on a regular basis. You will be expected to understand the relevant threat vectors to each environment and properly assess them, engage with peer teams (e.g., Cyber Threat Intelligence, Threat Hunt, and Incident Response) to develop engagements and effectively communicate results to a wide variety of audiences. Job Description & Responsibilities: Execute offensive security engagements, with a focus on advanced red team operations Engage with key service customers, partners, and stakeholders across the enterprise to drive improved security outcomes Identify, develop, and promote new red team capabilities and improve Adversary Simulation’s overall program maturity Technical mentorship and skill development of junior team members Experience Required: Overall 8 - 11 years of IT and/or information security experience Minimum 5 years spent performing red team engagements or advanced offensive security exercises in a professional environment Deep understanding of cybersecurity principles, network security, and modern attack vectors Advanced understanding of common network and host-based attacks and OPSEC-related considerations for offensive tradecraft Proven experience bypassing modern security controls to accomplish operational objectives Proficiency in scripting languages (Python, PowerShell, Bash) and familiarity with programming languages (C/C++, C#) Experience with or an understanding of: Command and Control frameworks (and related OPSEC considerations) Cloud Platforms/Environments Active Directory Exploitation Web Application Exploitation Social Engineering Exploit Development Reverse engineering Demonstrated ability to produce comprehensive reports and explain complex technical details in a concise, understandable manner Ability to manage and balance own time among multiple tasks and lead/facilitating work for junior operators during engagements when required Experience Desired: Experience performing offensive security operations within the healthcare industry Familiarity with cloud environments (AWS, Azure, GCP) and associated security challenges Knowledge of healthcare regulations such as HIPAA and their implications for security practices Education and Training Required: Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered Relevant certifications such as OSCP, OSCE, OSEP, GXPN, CRTO, or similar Primary Skills: Advanced knowledge and experience in offensive security techniques and red teaming Ability to emulate sophisticated adversaries and design realistic attack scenarios Excellent analytical and problem-solving skills with a keen attention to detail Additional Skills: Ability to work effectively in a team-oriented environment and collaborate with cross-functional teams Flexibility to adapt to evolving security challenges and stay current with emerging threats Willingness and ability to mentor and develop junior team members About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives. Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we’re dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.

Responsibilities

The role involves executing advanced offensive security engagements, focusing on red team operations and improving organizational detection and response capabilities by emulating threat actors. Responsibilities also include identifying and promoting new red team capabilities and providing technical mentorship to junior team members.