We are seeking a strategic and experienced Legal Compliance Manager of Enterprise Incident Response. This role will manage privacy incidents and a team of privacy incident investigators and compliance professionals responsible for proactively researching, analyzing, and reporting on privacy incidents, including unauthorized disclosures and data breaches. This role requires advanced critical and strategic thinking to collaborate cross-functionally with business units, legal, compliance, and technology teams to identify root causes, implement corrective actions, and establish preventative measures that minimize organizational risk and drive continuous improvement. This role requires experience in investigating large incidents, seasoned judgment, diplomacy, exceptional communication skills, and a demonstrated ability to identify and resolve issues proactively. This role will report to the Director of Enterprise Incident Response. Key Duties and Responsibilities Partner with the Director of Enterprise Incident Response to implement and maintain an effective incident response program, including building cross functional partnerships with business teams to build a culture of effective and timely reporting and issue management. Lead the research, management, and resolution of privacy issues presented to the Privacy Office. Design and deliver privacy compliance training programs; perform auditing and monitoring activities to ensure ongoing adherence to regulatory requirements and internal policies. Prepare and issue required notifications to clients, business partners, and government regulators in accordance with applicable laws. Monitor the performance of the incident response program while taking appropriate steps to improve its effectiveness. Act as an advisor to the business in all aspects of incident response and other privacy-related questions (risk assessment, regulatory reporting, etc.). Serve as a subject matter expert and compliance resource for internal and external partners. Collaborate with other departments including the legal team, to direct compliance issues to appropriate existing channels for investigation and resolution. Respond to cybersecurity and privacy incidents, complaints received from customers, third parties, regulators and areas of the business. Assist with the investigation of such incidents in a consistent, uniform manner. Monitor, and as necessary, coordinate incident response activities of other departments to remain abreast of the status and to identify trends. Manage a team of Sr. Analysts responsible for handling day-to-day and large privacy incidents, ensuring thorough investigation, careful documentation, and timely resolution of incidents in a high-volume, fast-paced environment. Collaborate with Privacy Legal and Compliance Operations, IT, Cigna Information Protection, and Enterprise Risk Management, and other stakeholders to ensure coordinated incident handling and timely resolution. Partner with Cigna Information Protection team to test and execute the cyber-incident response playbook for key clients. Lead key client relationships to ensure all contractual and costly performance guarantees are met, including reporting incidents in accordance with the contract and perform ongoing daily communication with clients until incident is closed. Support strategic compliance initiatives, including internal and external audits, policy development, and employee training. Qualifications: Bachelor’s degree required. 5+ years of experience managing large-scale privacy incidents. Healthcare or PBM privacy and compliance experience required. Demonstrated leadership skills with experience managing teams and incident response processes. Strong understanding of HIPAA and state/federal breach notification laws. Experience with privacy management tools and incident response tracking systems. Exceptional analytical, communication, and relationship‑building skills. Ability to manage competing priorities in a fast-paced, matrixed environment and adapt to evolving regulatory demands. Remote or Hybrid. If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload. For this position, we anticipate offering an annual salary of 103,100 - 171,900 USD / yearly, depending on relevant factors, including experience and geographic location. This role is also anticipated to be eligible to participate in an annual bonus plan. At The Cigna Group, you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k), company paid life insurance, tuition reimbursement, a minimum of 18 days of paid time off per year and paid holidays. For more de