Evernorth BISO Principal

Information Protection Business Information Security Officer (Principle / BISO)

Role Summary
The Evernorth Pharmacy and Care Delivery BISO is a leadership role within Technology acting as a strategic conduit between Cigna Information Protection (CIP) cybersecurity services and the Pharmacy & Care Delivery Line of Business. Serving as the primary delegate for the business line Chief Information Security Officer the BISO ensures continuity of cybersecurity strategy and execution across evolving business needs. This role drives the last mile delivery of global CIP Shared Services leads risk management activities and influences enterprise-wide security initiatives

Key Responsibilities

• Strategic Leadership & Business Alignment

  • Understand business strategy and anticipate cyber risk impacts; integrate security into business planning

  • Champion enterprise cybersecurity initiatives including multi-year Pharmacy Security Program & risk mitigation tied to the threat landscape

• Risk Management & Governance

  • Parter with the CIP Governance Risk and Compliance team to embed risk management into the delivery lifecycle & layered defence model

  • Develop and maintain organizational-wide cyber risk views in collaboration with CIP Audit Compliance ERM Legal and Privacy

  • Ensure adherence to CIP standards and frameworks (ISO/IEC 27001/27002 NIST CSF PCI-DSS) and management of policy exceptions

• Operational Execution

  • Partner with the Strategic Delivery Office to ensure delivery of global Cyber & Privacy risk mitigation programs for Pharmacy & Care

  • Influence secure coding and DevSecOps practices into Agile pipelines to minimize vulnerabilities

  • Ensure visibility into incident response regulatory reporting and forensic investigations in partnership with the CIP Global Threat Management team

• Stakeholder Engagement & Communication

  • Provide localized risk and vulnerability reporting to business governance forums for data-driven decisions

  • Partner with Global Architecture teams to implement standard security solutions and feed local requirements into global roadmaps

• Change & Integration

  • Partner with the Cyber Mergers and Acquisitions team to integrate new companies securely

Qualifications & Experience

• Education: BA/BS in business or technical field; MBA preferred but not required

• Experience:

  • Minimum 10 years in Information Security/Cybersecurity with ability to translate technical controls into business terms

  • Minimum 5 years in cyber leadership roles within Fortune 500 organizations

  • Proven ability to influence and lead matrix teams; strong business acumen and global cultural awareness

• Certifications: CISSP CISM or equivalent preferred

• Technical Knowledge:

  • Implementation-level knowledge of security standards and frameworks (ISO NIST PCI-DSS FedRAMP)

  • Familiarity with GRC tools and workflow management systems

• Industry Experience: Healthcare or Health IT required; Insurance & Financial Services preferred

Additional Band 5 Alignment

• Organizational Impact: Drive measurable improvements in risk posture and compliance scores across business units

• Strategic Contribution: Influence enterprise cybersecurity strategy and innovation

• Leadership Accountability: Demonstrate inclusive leadership and cultural alignment with Cigna values

This role is also anticipated to be eligible to participate in an annual bonus and long term incentive plan.

At The Cigna Group youll enjoy a comprehensive range of benefits with a focus on supporting your whole health. Starting on day one of your employment youll be offered several health-related benefits including medical vision dental and well-being and behavioral health programs. We also offer 401(k) company paid life insurance tuition reimbursement a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs click here.

About The Cigna Group

Qualified applicants will be considered without regard to race color age disability sex childbirth (including pregnancy) or related medical conditions including but not limited to lactation sexual orientation gender identity or expression veteran or military status religion national origin ancestry marital or familial status genetic information status with regard to public assistance citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process please email: for support. Do not email for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama Alaska Arizona Arkansas Delaware Florida Georgia Hawaii Idaho Iowa Kansas Maryland Massachusetts Michigan Nebraska Ohio Pennsylvania Texas Utah Vermont and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal state and local ordinances.