At Evernorth, we're more than a health insurance company. We're a global health service company. Identity and Access Management (IAM) is an integral part of IT whose mission is to enforce the principle of Least Privilege through regular reviews and other technical access controls while preserving compliance for testing by external auditors.Help us audit our future and reduce risk through proactive control monitoring. Get ready for a job that encourages you to think strategically yet stay connected with your teams. Do you have Audit and data analytics experience? If so, prepare to innovate, create, and inspire. The Identity Governance Controls and Audit Engineer will be responsible for the design, development, and delivery of the enterprise Access Control audit evidence. Access controls are operated to enforce the principle of Least Privilege and meet stringent regulatory requirements. These controls are tested by external auditors for accuracy and completeness which requires flawless and consistent execution with compelling documentation.This position will also facilitate control gap identification, risk remediation, and proactive control monitoring. Responsibilities include, but are not limited to, the following:
Deliver and present control evidence to internal and external auditors.
Contribute to the planning and execution of Audit finding remediation.
Audit evidence quality analysis.
Work among various teams within the Identity and Access Management (IAM) department to validate, analyze, and articulate user access controls.
Develop automated capabilities that support proactive control monitoring, evidence gathering and reporting.
Ensure the effective testing of all IAM controls, as well as provide timely accurate reporting of the results.
Qualifications:
High School Diploma or equivalent; Bachelors degree preferred.
Experience as an Information Systems Auditor.
Proficiency in scripting and programming languages (e.g., Python, Java, PowerShell, SQL, etc.).
Experience in data analytics and/or data mining preferred.
Hands-on experience with Identity Governance tools such as Saviynt, Aveska, CyberArk, and Active Directory.
Basic experience working in the fields of Identity and Access Management and Privileged Access Management.
Effective verbal and written communication skills for working with both technical teams and business end users.
Ability to adapt in a dynamic work environment by learning quickly, solving problems, and making decisions with minimal supervision.
Act as SME to senior stakeholders and team members.
Proficient in developing project metrics, including gathering reporting, trend analysis, creation, and metrics.
Ability to identify issues and problems, generate solutions, and choose appropriate alternatives using basic root cause analysis.
Experience with compliance frameworks such as SOX, SOC1, SOC2, PCI, NIST, and HIPAA.
Understanding of information risk management concepts and proven ability to meet strict audit deadlines.
Demonstrated ability to coordinate people and teams cross functionally to resolve complex issues with designated time frames.
Proactive and positive mindset.
CPA, CISA, or CISSP preferred.
Education/Experience Requirements
Education
Bachelor degree in Computer Science, Cyber Security, Information Technology, Information Sciences, or equivalent educational or professional experience and/or qualifications
Work Experience
3-5 years’ experience all aspects of computer operations or an equivalent combination of education and work experience
Preferred: 2-4 years experience with SOX/SOC1/SOC2 audits over Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles.
If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.About The Cigna GroupDoing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we’re dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.If you require reasonable accommodation in completing the online application process, please email: [email protected] for support. Do not email [email protected] for an update on your application or to provide your resume as you will not receive a response.The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.