Job Information
The Cigna Group Technology Risk & Control Advisor in Madrid, Spain
Role is open for a Risk and Control Advisor within International Health Technology. This is a critical role as the Risk and Control team look to strengthen its support for the Technology teams across Europe, North America, Middle East, and Asia.
The Operational Risk Advisor core activities consist of:
Develop, maintain, and update risk and control framework:
Development of risk and control assessment to include inherent risk, control assessment, residual risk, and the overall risk exposure against risk appetite, including risk identification, scoring, and measurement
Adherence to Cigna's Risk Framework
Adherence to policy, procedure, and process across BAU and project change
Risk Control & Mitigation:
Identification of required controls and assessment of effectiveness with technology partners, correlating input from Audit Findings, Internal Loss Data Collection & Analysis, External Data Collection & Analysis, Risk Control Self Assessments, Business Process Mapping, KPIs & KRIs, Scenario Analysis, and Quantified Measurement & Comparative Analysis
Innovate and enhance the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities
Assess operational risk response strategies
Validate risk transfer options
End to end ownership of the IT Operational framework
Risk Forum, including reporting, collation of MI and relevant escalations to second and third lines of defence; including escalation where warranted
Maintenance of the IT Operational Risk Register
Development of an end-to-end risk and control assessment to include inherent risk, control assessment, residual risk, and the overall risk exposure against risk appetite
Represent IT at other Cigna Risk Forums (where applicable)
Relationship building of Operational Risk & Control across the IM Technology function covering all regions and global services:
Work with stakeholders to undertake risk assessment activity including identification, management and reporting of risks, issues, incidents, and controls
Assist stakeholders with root cause analysis activities
Support stakeholders in regular audit and assurance testing
Host monthly IM Technology Risk Forums / Committees including data and reporting input / output
Risk monitoring & reporting:
Implement a process to regularly monitoring operational risk profiles and material exposure to losses
Provide appropriate reporting mechanisms to the relevant board(s), senior management, and the business lines
Support management of open audit / assurance and security gaps:
Support the remediation and closure processes, seeking expert guidance where needed and escalating issues if required
Maintain reports capturing web vulnerability volume and data attributes
Support in remediation plans and liaise with key stakeholders to facilitate, including but not limited to: Local and Enterprise level International Technology Application and Infrastructure teams, Cigna Information Protection, and external parties
Key skills - essential to have:
Fluent in English
Establishment and Management of Controls Framework Experience
Minimum 5 years' experience in operational technology risk management
Minimum 3 years' experience in operational risk
Effective communication and presentation skills
Strong technical skills: Excel, ppt, SharePoint / SharePoint online
Collaborator
Key skills - good to have:
Understanding and awareness of cyber security concepts
Process mapping including delivery of documentation, identification of process improvements, identification, definition and mapping of process controls
Agile methodologies
Problem solving
Tableau
About Cigna Healthcare
Cigna Healthcare, a division of The Cigna Group, is an advocate for better health through every stage of life. We guide our customers through the health care system, empowering them with the information and insight they need to make the best choices for improving their health and vitality. Join us in driving growth and improving lives.
Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.
If you require reasonable accommodation in completing the online application process, please email: SeeYourselfEMEA@cigna.com for support. Do not email SeeYourselfEMEA@cigna.com for an update on your application or to provide your resume as you will not receive a response.