Legal Compliance Manager Privacy Team

We are seeking a strategic and experienced Legal Compliance Manager of Enterprise Incident Response. This role will manage privacy incidents and a team of privacy incident investigators and compliance professionals responsible for proactively researching analyzing and reporting on privacy incidents including unauthorized disclosures and data breaches. This role requires advanced critical and strategic thinking to collaborate cross-functionally with business units legal compliance and technology teams to identify root causes implement corrective actions and establish preventative measures that minimize organizational risk and drive continuous improvement.

This role requires experience in investigating large incidents seasoned judgment diplomacy exceptional communication skills and a demonstrated ability to identify and resolve issues proactively. This role will report to the Director of Enterprise Incident Response.

Key Duties and Responsibilities

• Partner with the Director of Enterprise Incident Response to implement and maintain an effective incident response program including building cross functional partnerships with business teams to build a culture of effective and timely reporting and issue management.
• Lead the research management and resolution of privacy issues presented to the Privacy Office.
• Design and deliver privacy compliance training programs; perform auditing and monitoring activities to ensure ongoing adherence to regulatory requirements and internal policies.
• Prepare and issue required notifications to clients business partners and government regulators in accordance with applicable laws.
• Monitor the performance of the incident response program while taking appropriate steps to improve its effectiveness.
• Act as an advisor to the business in all aspects of incident response and other privacy-related questions (risk assessment regulatory reporting etc.).
• Serve as a subject matter expert and compliance resource for internal and external partners.
• Collaborate with other departments including the legal team to direct compliance issues to appropriate existing channels for investigation and resolution.
• Respond to cybersecurity and privacy incidents complaints received from customers third parties regulators and areas of the business. Assist with the investigation of such incidents in a consistent uniform manner.
• Monitor and as necessary coordinate incident response activities of other departments to remain abreast of the status and to identify trends.
• Manage a team of Sr. Analysts responsible for handling day-to-day and large privacy incidents ensuring thorough investigation careful documentation and timely resolution of incidents in a high-volume fast-paced environment.
• Collaborate with Privacy Legal and Compliance Operations IT Cigna Information Protection and Enterprise Risk Management and other stakeholders to ensure coordinated incident handling and timely resolution.
• Partner with Cigna Information Protection team to test and execute the cyber-incident response playbook for key clients.
• Lead key client relationships to ensure all contractual and costly performance guarantees are met including reporting incidents in accordance with the contract and perform ongoing daily communication with clients until incident is closed.
• Support strategic compliance initiatives including internal and external audits policy development and employee training.

Qualifications

• Bachelors degree
• 5 years of experience managing large privacy incidents.
• Healthcare and/or PBM privacy and compliance experience required
• Demonstrated experience leading teams and driving incident management processes is needed.
• Strong analytical communication and interpersonal skills; proven ability to work cross-functionally and influence stakeholders.
• Knowledge of State and Federal breach notification laws including HIPAA.
• Demonstrated competency with privacy management software and incident tracking tools.
• Ability to manage multiple priorities in a fast-paced matrixed environment and adapt to evolving regulatory requirements.

This role is also anticipated to be eligible to participate in an annual bonus plan.

At The Cigna Group youll enjoy a comprehensive range of benefits with a focus on supporting your whole health. Starting on day one of your employment youll be offered several health-related benefits including medical vision dental and well-being and behavioral health programs. We also offer 401(k) company paid life insurance tuition reimbursement a minimum of 18 days of paid time off per year and paid holidays. For more details on our employee benefits programs click here.

About The Cigna Group

Qualified applicants will be considered without regard to race color age disability sex childbirth (including pregnancy) or related medical conditions including but not limited to lactation sexual orientation gender identity or expression veteran or military status religion national origin ancestry marital or familial status genetic information status with regard to public assistance citizenship status or any other characteristic protected by applicable equal employment opportunity laws.

If you require reasonable accommodation in completing the online application process please email: for support. Do not email for an update on your application or to provide your resume as you will not receive a response.

The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama Alaska Arizona Arkansas Delaware Florida Georgia Hawaii Idaho Iowa Kansas Maryland Massachusetts Michigan Nebraska Ohio Pennsylvania Texas Utah Vermont and Washington State.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal state and local ordinances.