Business Information Security officer (BISO) AI/ Risk Management – Remote

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.  

You’ll enjoy the flexibility to work remotely as you take on some tough challenges.

For all hires within 30 minutes of an office in Minnesota or Washington, D.C., you’ll be required to work a minimum of four days per week in-office.

We are seeking a visionary Senior Business Information Security Officer to lead the security strategy and risk governance for our Enterprise AI/ML division. This role anchors critical security controls around the design, deployment, and scaling of AI/ML solutions – particularly Generative AI and enterprise LLM platforms – while balancing risk, innovation, and compliance across global operations.

The candidate must bring 18-20 years of demonstrable success in enterprise security leadership, with deep expertise in AI/ML security, indirect team leadership, and cross-border regulatory experience in large multinational environments. You’ll enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges. This role may be hybrid, work in office and out.

Primary Responsibilities:

• AI/ML & LLM Security Leadership
  • Define and implement LLM threat modeling, prompt injection detection, adversarial testing, and alignment protocols
  • Securing AI/ML development pipelines (MLOps), integrating DevSecOps principles, access controls, and provenance tracking
  • Guide model lifecycle security including fine-tuning risks, output sanitization, hallucination detection, and bias remediation
  • Establish data governance guardrails for training, inference, storage, and synthetic data creation
• Risk Management & Compliance
  • Map evolving AI/ML risks against global frameworks: EU AI Act, NIST AI RMF, ISO 42001, DPDP Act, and internal GRC mandates
  • Lead enterprise-wide AI/ML risk assessments, internal audits, and red teaming exercises targeting GenAI systems
  • Support regulatory responses, incident management, and executive briefings tied to AI/ML program controls
  • Collaborate with Legal, Data Privacy, and Engineering teams to align on emerging AI ethics and liability risks
• Leadership & Enablement
  • Act as Security Advisor to the CIO, bridging technical realities with strategic risk perspectives
  • Champion secure enablement, helping business units adopt AI/ML responsibly and confidently
  • Lead virtual cross-functional teams including data science, product, legal, and security engineering stakeholders
  • Influence culture and policy through thought leadership, workshops, and publication of enterprise AI Security Playbooks
• Communication & Advocacy
  • Draft C-suite-level strategy briefings, board-level updates, and actionable security advisories
  • Engage in global forums, contribute to regulatory consultations, and build the firm’s external reputation in AI/ML security
  • Translate technical risk into business impact for a non-technical audience

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 16+ years in Information/Cyber Security in corporate environment, including 
• 5+ years in emerging tech (AI/ML, data platforms, analytics systems)
• Experience managing risks tied to data integrity, model drift, shadow AI deployments, and third-party AI services
• Solid command of cloud-native architecture, zero trust security models, and federated learning environments
• Proven track record securing AI platforms and LLM ecosystems (e.g., Open AI, Azure AI, Vertex AI, AWS Bedrock)
• Proven history of indirect leadership, driving outcomes across non-reporting teams and global stakeholders

Preferred Qualifications:

• CISSP / CCSP / CRISC / CIPP or equivalent
• ISO/IEC 27001, ISO 42001 (AI Management) experience
• Microsoft, AWS, or Google AI/ML security training
• Completion of NIST AI RMF workshops or red team exercises targeting GenAI

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $156,400 to $268,000 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.