Apply on Employer Site

The Cigna Group · 5 days ago

Information Protection Senior Advisor (36591253)

United States

Contract

Remote

Senior Level

$70/hr - $80/hr

5+ years exp

The Cigna Group is a global health service company, and they are seeking a Senior Advisor Security Architect with a focus on identity management. The role involves collaborating with various teams to embed security considerations throughout the solution lifecycle and defining security requirements while conducting security design assessments.

CommercialHealth CareHospitalInsuranceMedical

Responsibilities

Lead design reviews for platform, application, and cloud solutions; identify risks and recommend mitigations aligned to security best practices and internal security requirements

Maintain and expand the security architecture documentation library, ensuring consistency across requirements documents, frameworks components and design artifacts

Partner with IAM/CCOE to mature MFA and risk-based access patterns and document them in requirement, design patterns and other documents as required

Work directly with program and project teams to ensure that relevant security risks are identified, evaluated, and appropriate security solutions are implemented to manage risks to the enterprise

Responsible for the identification of architectural gaps and inefficiencies in new and existing solutions; support remediation and mitigation efforts through appropriate planning and roadmap development

Strong work ethic and sense of urgency

Ability to influence technical discussions and decisions

Mentor others in security best practices and architectural approaches

Qualification

IAM securityOAuth 2.0SAMLAPI securityCISSPSCIMMTLS/JWT validationCloud security certsCommunication skillsProblem solvingMentoring

Required

Experience with OAuth 2.0, OIDC, SAML, and federation patterns; ability to translate business requirements into secure, scalable identity designs

Solid grasp of provisioning and attribute flows (e.g., SCIM) and how they intersect with authorization policy

Working knowledge of token design (scopes/claims), mTLS/JWT validation patterns, token exchange, and session/security handling across SPs/IdPs

Demonstrated depth in IAM security and 1 other security domains such as: API security, data security, network security, etc

5+ years' experience in information technology experience

1+ years' experience in an information security architectural role or equivalent engineering experience; strong writing and communication skills expected

BA/BS degree in MIS/Computer Science or related degree required

Professional Certification such as: SANS GIAC Certification(s), Certified Information Systems Security Professional (CISSP)