Evernorth Biso Principal

Information Protection Business Information Security Officer (Principle / BISO)

Role Summary

The Evernorth Pharmacy and Care Delivery BISO is a leadership role within Technology, acting as a strategic conduit between Cigna Information Protection (CIP) cybersecurity services and the Pharmacy & Care Delivery Line of Business. Serving as the primary delegate for the business line Chief Information Security Officer, the BISO ensures continuity of cybersecurity strategy and execution across evolving business needs. This role drives the "last mile" delivery of global CIP Shared Services, leads risk management activities, and influences enterprise-wide security initiatives

Key Responsibilities

• Strategic Leadership & Business Alignment

• Understand business strategy and anticipate cyber risk impacts; integrate security into business planning

• Champion enterprise cybersecurity initiatives, including multi-year Pharmacy Security Program & risk mitigation tied to the threat landscape

• Risk Management & Governance

• Parter with the CIP Governance, Risk, and Compliance team to embed risk management into the delivery lifecycle & layered defence model

• Develop and maintain organizational-wide cyber risk views in collaboration with CIP, Audit, Compliance, ERM, Legal, and Privacy

• Ensure adherence to CIP standards and frameworks (ISO/IEC 27001/27002, NIST CSF, PCI-DSS) and management of policy exceptions

• Operational Execution

• Partner with the Strategic Delivery Office to ensure delivery of global Cyber & Privacy risk mitigation programs for Pharmacy & Care

• Influence secure coding and DevSecOps practices into Agile pipelines to minimize vulnerabilities

• Ensure visibility into incident response, regulatory reporting, and forensic investigations in partnership with the CIP Global Threat Management team

• Stakeholder Engagement & Communication

• Provide localized risk and vulnerability reporting to business governance forums for data-driven decisions

• Partner with Global Architecture teams to implement standard security solutions and feed local requirements into global roadmaps

• Change & Integration

• Partner with the Cyber Mergers and Acquisitions team to integrate new companies securely

Qualifications & Experience

• Education: BA/BS in business or technical field; MBA preferred but not required

• Experience:

• Minimum 10+ years in Information Security/Cybersecurity with ability to translate technical controls into business terms

• Minimum 5+ years in cyber leadership roles within Fortune 500 organizations

• Proven ability to influence and lead matrix teams; strong business acumen and global cultural awareness

• Certifications: CISSP, CISM, or equivalent preferred

• Technical Knowledge:

• Implementation-level knowledge of security standards and frameworks (ISO, NIST, PCI-DSS, FedRAMP)

• Familiarity with GRC tools and workflow management systems

• Industry Experience: Healthcare or Health IT required; Insurance & Financial Services preferred

Additional Band 5 Alignment

• Organizational Impact: Drive measurable improvements in risk posture and compliance scores across business units

• Strategic Contribution: Influence enterprise cybersecurity strategy and innovation

• Leadership Accountability: Demonstrate inclusive leadership and cultural alignment with Cigna values

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.

For this position, we anticipate offering an annual salary of 142,200 - 237,000 USD / yearly, depending on relevant factors, including experience and geographic location.

This role is also anticipated to be eligible to participate in an annual bonus and long term incentive plan.

At The Cigna Group, you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs, click here.

About The Cigna Group

Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we're dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.

Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.