.. products Answer customer questions and provide exceptional service Maintain a clean and organized showroom Process sales transactions and handle cash or card payments Help with setting up displays and arranging products Requirements: Basic knowledge of lighting products (preferred) Excellent communication .. read more
About Evernorth: Evernorth Health Services, a division of The Cigna Group (NYSE: CI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people.
Title : Information Protection Lead Analyst
Job Description Summary: The Information Protection Lead Analyst is responsible for providing general technical, operational and risk management support to Cigna's Information Protection (CIP) Middle East and Africa (MEA) team. This role will support in enforcing standard information protection controls through infrastructure, application and third-party security assessments. Work with the Cigna Information Protection team as required to support vulnerability assessments, assisting with penetration tests, tracking and remediation of findings.
This role will work closely with the CIP MEA team to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. In addition, this role will support the dashboard reporting, coordination of incident responses, risk assessments and other CIP led initiatives.
Responsibilities: Perform regular risk & activity reporting on Key Risk Indicators (KRI) and Key Performance Indicators (KPI) Perform issue tracking and resolution with local security teams Work with CIP MEA team and key stakeholders to managing security incidents relevant to the MEA region Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards Assist in the review and approval of application/infrastructure changes in terms of security Assist in the creation of comprehensive and accurate security reports with recommendations for appropriate remediation and communicate risk findings with development and infrastructure teams. Assist in the review and development of local CIP policies , standards and guidelines Assist in the conduct of regulatory and internal audits as required Assist CIP and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Stay abreast of current and emerging security threats and security architectures to mitigate the threats
Skills required: Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Demonstrated ability to identify cyber security risks and develop treatment plans working with key stakeholders Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Understanding of OWASP. Knowledge of networking fundamentals and common attacks. Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations.
Qualifications: High School diploma; Bachelor's degree preferred. Qualified candidates will typically have 5 to 8+ years of professional IT experience work experience, 4 years or more of security operations or security governance, risk and compliance experience. CISSP, CRISC or similar certifications desired Passionate about security and finding new ways to protect systems as well as break them Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences.
Title : Information Protection Lead Analyst
Job Description Summary: The Information Protection Lead Analyst is responsible for providing general technical, operational and risk management support to Cigna's Information Protection (CIP) Middle East and Africa (MEA) team. This role will support in enforcing standard information protection controls through infrastructure, application and third-party security assessments. Work with the Cigna Information Protection team as required to support vulnerability assessments, assisting with penetration tests, tracking and remediation of findings.
This role will work closely with the CIP MEA team to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. In addition, this role will support the dashboard reporting, coordination of incident responses, risk assessments and other CIP led initiatives.
Responsibilities: Perform regular risk & activity reporting on Key Risk Indicators (KRI) and Key Performance Indicators (KPI) Perform issue tracking and resolution with local security teams Work with CIP MEA team and key stakeholders to managing security incidents relevant to the MEA region Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards Assist in the review and approval of application/infrastructure changes in terms of security Assist in the creation of comprehensive and accurate security reports with recommendations for appropriate remediation and communicate risk findings with development and infrastructure teams. Assist in the review and development of local CIP policies , standards and guidelines Assist in the conduct of regulatory and internal audits as required Assist CIP and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Stay abreast of current and emerging security threats and security architectures to mitigate the threats
Skills required: Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Demonstrated ability to identify cyber security risks and develop treatment plans working with key stakeholders Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Understanding of OWASP. Knowledge of networking fundamentals and common attacks. Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations.
Qualifications: High School diploma; Bachelor's degree preferred. Qualified candidates will typically have 5 to 8+ years of professional IT experience work experience, 4 years or more of security operations or security governance, risk and compliance experience. CISSP, CRISC or similar certifications desired Passionate about security and finding new ways to protect systems as well as break them Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences.