Job Description

The Cybersecurity Data Protection team is seeking a skilled and security-focused

Email Security Engineer

with expertise in

Secure Email Gateway (SEG)

solutions to protect our organization from evolving email threats. The ideal candidate will play a critical role in defending the enterprise against phishing, malware, business email compromise (BEC), and data exfiltration attempts by managing and enhancing our email security infrastructure.

Requirements & Qualifications:

Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field--or equivalent experience. Over all 13 - 16 yrs work experience in Cyber Security

Relevant 6+ years of hands-on experience

with Secure Email Gateways and enterprise email security. In-depth knowledge of

SMTP, TLS, SPF, DKIM, DMARC

, and other email protocols and protections. Familiarity with

SIEM, SOAR, threat intelligence platforms

, and email forensics tools. Strong understanding of

cyber threat landscape

, especially email-based threats like phishing, ransomware, and BEC. Experience working with

Microsoft 365 / Exchange Online Protection (EOP)

and

Defender for Office 365

is a plus. Security certifications such as

CompTIA Security+, SSCP, CEH, GIAC, or CISSP

.

Key Responsibilities:

Administer, maintain, and optimize

Secure Email Gateway platforms

(e.g.,

Mimecast, Proofpoint, Cisco Email Security, Microsoft Defender for Office 365

). Develop, implement, and fine-tune

email filtering policies

to block spam, phishing, and malicious content. Enforce

email security standards and protocols

such as

SPF, DKIM, and DMARC

to protect organizational domains. Configure and manage

email encryption

and

data loss prevention (DLP)

policies to ensure compliance with regulatory standards (e.g., GDPR, HIPAA, SOX).

Monitor and respond

to email security alerts, perform forensic analysis, and support incident response efforts. Collaborate with the SOC and threat intelligence teams to detect, analyze, and respond to

targeted phishing campaigns

and

advanced persistent threats (APTs)

. Generate and deliver regular

email threat reports

, KPIs, and metrics to stakeholders. Conduct ongoing

risk assessments and security posture reviews

of the email environment. Research and stay current on the latest

email threat trends, vulnerabilities, and tools

.

Preferred Skills:

Scripting skills (e.g., PowerShell, Python) for automation and reporting. Experience in a

SOC or security operations environment

. Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, PCI-DSS).

Soft Skills:

Strong analytical thinking and problem-solving skills. Effective communication skills, including the ability to explain technical risks to non-technical stakeholders. Detail-oriented with the ability to manage multiple priorities in a fast-paced environment.

Role Summary:

Senior consultant level professional providing counsel and advice to top management on significant Cyber Security matters often requiring coordination between organizations; focuses on providing thought leadership across multiple disciplines; recognized internally as "the go-to person" for the most complex assignments in Cyber Security. This position is responsible for complex configuration, documentation, and maintenance of some or all of an organization's information security architecture. This may include the installation and configuration of firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems. The position also ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. The position manages encryption protocols to protect the organization's data as well as management of authentication and access controls. This position recommends architectural changes when intrusions have occurred and monitors the effectiveness of implemented changes. The position monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing. The position provides project management, work direction and troubleshooting for lower level Information Security engineers.

About Evernorth Health Services

Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.