The Data Loss Prevention (DLP) Senior Manager will be responsible for leading a dedicated DLP Technical team which will focus on new Cyber Security Technology along with the mindset of creating an "Insider Threat Program".

The DLP Manager will need to ensure monitoring and responding to data loss / insider threats that effect the Cigna environment.

Additionally, the DLP Manager will need to be engaged / aware of the latest OpenAI Technology the Cyber Security force has to offer.

Responsibilities :

• Create and maintain policies within Data Loss tool to prevent risk to company
• Managing the triage analysis and verification of information security threats.
• Knowledge of various tools and techniques for analysis and identification of the nature of threats.
• Perform security analysis of network traffic data and report on threats for handoff and additional analysis.
• Threat containment through use of threat management tools and infrastructure security controls.
• Support projects to assist in deployment, tuning and configuration of new technology.
• Analyze and review cases until closure which includes investigating and recommending appropriate corrective actions for cyber security incidents and communicating with the implementation staff responsible or taking corrective actions.
• Provide supporting evidence and tactical response resulting from technical analysis and direction of forensic investigations.
• Monitoring and providing some direction for administration of corporate perimeter security systems like firewalls, IDPS and SIEM.
• Provide recommendations of security improvements by assessing current situation, evaluating trends, and anticipating requirements.
• Support 24x7 on call for escalated security incidents on a rotational basis.
• Identify critical security issues and provide recommendations of risk-reduction solutions.

Technical Skills :

• Strong understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
• Experience with log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior
• Strong knowledge of Linux and Microsoft Windows Server or other operating systems.
• Strong understanding of Cloud Security (CASB)
• Knowledge of, and experience with, TCP / IP protocol and an understanding of packet analysis tools such as tcpdump.
• Working knowledge of common cyber security incident types such as denial of service attacks, malicious software infections, active intrusion techniques, and misappropriate use scenarios.
• Experience utilizing a broad array of security tools including Security Information and Event Management (SIEM) system, intrusion detection systems, web proxy systems, routers, switches, firewall deployment and other tools used to assess network security.
• Understanding of techniques used to analyze network traffic for malicious activity and perform packet analysis.
• Demonstrated experience with network and endpoint data loss prevention (DLP) tools. Candidate will be required to utilize various security tools to monitor security risks in the CIGNA internal network, create cases in case tracking tool and initiate investigation where warranted.

Soft Skills :

• Demonstrated ability to work in a team environment.
• Ability to effectively prioritize tasks and work independently with minimal daily management interaction.
• Excellent written and verbal communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients and IT management and staff.
• Ability to participate in customer and partner facing meetings and projects, including those that involve technical topics or technical service delivery.
• Strong analytical skills and ability to creatively challenge current methods and procedures.
• Ability to operate and contribute effectively as a remote member of a global Information Protection team.

Preferred Qualifications :

• Scripting ability in Python, Perl and a deep understanding of command line tools such as grep and tcpdump preferred.
• Industry recognized certification in cyber security such as GCIA, GCIH, CISSP or similar are a plus
• Networking certifications (e.g. CCNA - Security, CCNP) and demonstrated practical experience

Last updated : 2024-04-28