The job profile for this position is Information Protection Advisor, which is a Band 4 Senior Contributor Career Track Role.

Excited to grow your career?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply!

Our people make all the difference in our success.

At Evernorth, we're more than a health insurance company. We're a global health service company. Identity and Access Management (IAM) is an integral part of IT whose mission is to enforce the principle of Least Privilege through regular reviews and other technical access controls while preserving compliance for testing by external auditors.

Help us audit our future and reduce risk through proactive control monitoring. Get ready for a job that encourages you to think strategically yet stay connected with your teams. Do you have Audit and data analytics experience? If so, prepare to innovate, create, and inspire. The Identity Governance Controls and Audit Engineer will be responsible for the design, development, and delivery of the enterprise Access Control audit evidence. Access controls are operated to enforce the principle of Least Privilege and meet stringent regulatory requirements. These controls are tested by external auditors for accuracy and completeness which requires flawless and consistent execution with compelling documentation.

This position will also facilitate control gap identification, risk remediation, and proactive control monitoring. Responsibilities include, but are not limited to, the following:

• Deliver and present control evidence to internal and external auditors.

• Contribute to the planning and execution of Audit finding remediation.

• Audit evidence quality analysis.

• Work among various teams within the Identity and Access Management (IAM) department to validate, analyze, and articulate user access controls.

• Develop automated capabilities that support proactive control monitoring, evidence gathering and reporting.

• Ensure the effective testing of all IAM controls, as well as provide timely accurate reporting of the results.

Qualifications:

• High School Diploma or equivalent; Bachelors degree preferred.

• Experience as an Information Systems Auditor.

• Proficiency in scripting and programming languages (e.g., Python, Java, PowerShell, SQL, etc.).

• Experience in data analytics and/or data mining preferred.

• Hands-on experience with Identity Governance tools such as Saviynt, Aveska, CyberArk, and Active Directory.

• Basic experience working in the fields of Identity and Access Management and Privileged Access Management.

• Effective verbal and written communication skills for working with both technical teams and business end users.

• Ability to adapt in a dynamic work environment by learning quickly, solving problems, and making decisions with minimal supervision.

• Act as SME to senior stakeholders and team members.

• Proficient in developing project metrics, including gathering reporting, trend analysis, creation, and metrics.

• Ability to identify issues and problems, generate solutions, and choose appropriate alternatives using basic root cause analysis.

• Experience with compliance frameworks such as SOX, SOC1, SOC2, PCI, NIST, and HIPAA.

• Understanding of information risk management concepts and proven ability to meet strict audit deadlines.

• Demonstrated ability to coordinate people and teams cross functionally to resolve complex issues with designated time frames.

• Proactive and positive mindset.

• CPA, CISA, or CISSP preferred.

Education/Experience Requirements

• Education

  • Bachelor degree in Computer Science, Cyber Security, Information Technology, Information Sciences, or equivalent educational or professional experience and/or qualifications

• Work Experience

  • 3-5 years’ experience all aspects of computer operations or an equivalent combination of education and work experience

  • Preferred: 2-4 years experience with SOX/SOC1/SOC2 audits over Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles.

If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

Please note that you must meet our posting guidelines to be eligible for consideration. Policy can be reviewed at this link.