Manager, Privacy Compliance & Incident Response- Remote

The job profile for this position is Legal Compliance Manager, which is a Band 4 Management Career Track Role.

Excited to grow your career?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply!

Our people make all the difference in our success.

We are seeking a strategic and experienced Legal Compliance Manager of Enterprise Incident Response. This role will manage privacy incidents and a team of privacy incident investigators and compliance professionals responsible for proactively researching, analyzing, and reporting on privacy incidents, including unauthorized disclosures and data breaches. This role requires advanced critical and strategic thinking to collaborate cross-functionally with business units, legal, compliance, and technology teams to identify root causes, implement corrective actions, and establish preventative measures that minimize organizational risk and drive continuous improvement.

This role requires experience in investigating large incidents, seasoned judgment, diplomacy, exceptional communication skills, and a demonstrated ability to identify and resolve issues proactively. This role will report to the Director of Enterprise Incident Response.

Key Duties and Responsibilities

• Partner with the Director of Enterprise Incident Response to implement and maintain an effective incident response program, including building cross functional partnerships with business teams to build a culture of effective and timely reporting and issue management.
• Lead the research, management, and resolution of privacy issues presented to the Privacy Office.
• Design and deliver privacy compliance training programs; perform auditing and monitoring activities to ensure ongoing adherence to regulatory requirements and internal policies.
• Prepare and issue required notifications to clients, business partners, and government regulators in accordance with applicable laws.
• Monitor the performance of the incident response program while taking appropriate steps to improve its effectiveness.
• Act as an advisor to the business in all aspects of incident response and other privacy-related questions (risk assessment, regulatory reporting, etc.).
• Serve as a subject matter expert and compliance resource for internal and external partners.
• Collaborate with other departments including the legal team, to direct compliance issues to appropriate existing channels for investigation and resolution.
• Respond to cybersecurity and privacy incidents, complaints received from customers, third parties, regulators and areas of the business. Assist with the investigation of such incidents in a consistent, uniform manner.
• Monitor, and as necessary, coordinate incident response activities of other departments to remain abreast of the status and to identify trends.
• Manage a team of Sr. Analysts responsible for handling day-to-day and large privacy incidents, ensuring thorough investigation, careful documentation, and timely resolution of incidents in a high-volume, fast-paced environment.
• Collaborate with Privacy Legal and Compliance Operations, IT, Cigna Information Protection, and Enterprise Risk Management, and other stakeholders to ensure coordinated incident handling and timely resolution.
• Partner with Cigna Information Protection team to test and execute the cyber-incident response playbook for key clients.
• Lead key client relationships to ensure all contractual and costly performance guarantees are met, including reporting incidents in accordance with the contract and perform ongoing daily communication with clients until incident is closed.
• Support strategic compliance initiatives, including internal and external audits, policy development, and employee training.

Qualifications:

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 103,100 - 171,900 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus plan.

At The Cigna Group, you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, click here.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

Please note that you must meet our posting guidelines to be eligible for consideration.  Policy can be reviewed at this link.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.