Cigna Senior Threat Hunter in St. Louis, Missouri
Remote position possible.
As a member of the Cyber Security Global Threat Management team, the Threat Hunting Information Protection Senior Advisor utilizes the cyber threat hunting process to proactively and iteratively search through networks to identify and isolate advanced threats. They will support the planning, scoping, collection, analysis, and reporting of hunt information to increase the security posture of Cigna. Additionally, they will create new detections and analytics for identification of new threats and support Incident Response with advanced pivoting and correlation as necessary.
• Utilize threat intelligence, current trends, and vulnerability information to perform hunts on Cigna networks
• Be involved in all phases of a hunt engagement including planning, scoping, collection, analysis, and reporting
• Interface with other organizations to validate findings and make recommendations for the remediation of identified anomalies and vulnerabilities
• Interface with the Incident Response Team, staying aware of and providing Threat Hunt support to ongoing incidents on Cigna networks
• Interface with Threat Intelligence Team to operationalize threat intelligence information
• Analyze and map log sources and detections to the MITRE ATT&CK matrix or other applicable frameworks to understand and advance Cigna security posture
• Advance the current state of threat detection including correlation of log events, implementation of new capabilities, integrations between capabilities, development of analytics and detections, etc.
• Strong analytical skills and ability to work with large data sets
• Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols
• Advanced knowledge of log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior
• Able to recommend security improvements by assessing the efficacy of current capabilities/solutions, evaluating trends and anticipating requirements
• Knowledge of virtual environments, Cloud platforms (IaaS), network operating systems, mobile device environments, and data encryption methods
• Strong knowledge of a broad array of security tools including Security Information and Event Management (SIEM) system, intrusion detection systems, web proxy systems, threat intelligence platforms and other tools used to assess network security
• Strong knowledge of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols, including working knowledge of the Cyber Kill Chain and MITRE ATT&CK Matrix
• Demonstrated ability to work in a team environment both in-person and remotely
• Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with peers, IT management and senior leaders
• Must be able to multi-task and work independently on assignments using professional discretion and judgment as well as transition quickly between projects with limited supervision
• Ability to participate in customer and partner facing meetings and projects, including those that involve technical topics or technical service delivery
Cigna Corporation (NYSE: CI) is a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. We offer an integrated suite of health services through Cigna, Express Scripts, and our affiliates including medical, dental, behavioral health, pharmacy, vision, supplemental benefits, and other related products. Together, with our 74,000 employees worldwide, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation.
When you work with Cigna, you’ll enjoy meaningful career experiences that enrich people’s lives while working together to make the world a healthier place. What difference will you make? To see our culture in action, search #TeamCigna on Instagram.
Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.
If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.