Position Summary:
A successful Adversary Simulation member should possess a deep understanding of information security and computer science, paired with experience executing highly technical offensive assessments. They should understand advanced red and purple team campaign concepts such as performing social engineering and covert operations against complex networks while remaining entirely undetected, advanced application manipulation, and basic programming concepts. They should be able to improve the overall detection and response capabilities of the organization by understanding adversarial TTPs, developing engagements that emulate specific threat actors of concern, and engaging with the Blue Team during and post engagement.
At Cigna, you will be working with some of the best experts in the industry and faced with complex problem-solving opportunities daily. We help protect some of the most sensitive and valuable data for millions of members throughout the world and red teaming is critical to validating our global security posture. You are expected to quickly assimilate new information as you will face new environments across the globe on a regular basis. You will be expected to understand the relevant threat vectors to each environment and properly assess them, engage with peer teams (e.g., Cyber Threat Intelligence, Threat Hunt, and Incident Response) to develop engagements and effectively communicate results to a wide variety of audiences.
Job Description & Responsibilities
:
Design, scope, and lead complex technical assessments, including Purple Team engagements and other security initiatives to test attack detection and prevention effectiveness
Perform targeted offensive security assessments with a focus on detection and telemetry improvement
Collaborate with cross-functional teams including Incident Response, Threat Hunt, Threat Intelligence, and Security Engineering to drive improved security outcomes and resiliency
Identify, develop, and promote new capabilities and improve Adversary Simulation’s overall program maturity
Support and mentor internal teams on secure architecture, detection logic, and adversary behaviors
Experience Required:
13 - 15 years of combined experience in offensive security, red team, blue team, or purple team roles
Demonstrated hands-on experience executing advanced adversary TTPs across all phases of the kill chain
Proven ability to build, run, and measure adversary emulation exercises based on MITRE ATT&CK or custom threat models
Proficiency in scripting languages (Python, PowerShell, Bash) and familiarity with programming languages (C/C++, C#)
Experience building or tuning detection logic (KQL, Sigma, SPL, YARA, etc.) from detection engineering, threat hunt, or threat intelligence roles
Deep understanding of cybersecurity principles, network security, and modern attack vectors
Demonstrated ability to produce comprehensive reports and explain complex technical details in a concise, understandable manner
Excellent communication and time management skills
Experience Desired:
Prior experience performing offensive security operations within a mature enterprise or regulated environment
Knowledge of malware development concepts, evasion techniques, and offensive security research
Experience working within Agile or hybrid Agile/Scrum environments, including participating in sprint planning, backlog refinement, retrospectives, and cross‑team coordination
Education and Training Required:
Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered
Relevant certifications such as OSCP, OSCE, OSEP, GXPN, CRTO, or similar
Primary Skills:
Advanced knowledge and experience in offensive security techniques and red teaming
Ability to emulate sophisticated adversaries and design realistic attack scenarios
Excellent analytical and critical thinking skills with keen attention to detail
Additional Skills:
Ability to work effectively in a collaborative environment with cross-functional teams
Flexibility to adapt to evolving security challenges and stay current with emerging threats
Willingness and ability to mentor and develop junior team members
About Evernorth Health Services
Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.
