Senior Information Security Risk Consultant

Job Description: Cloud Senior Information Security Engineer (Subject Matter Expert)

Gurgaon

Position Overview:
The Cloud Senior Information Security Engineer (Subject Matter Expert) is responsible for architecting, building, supporting, and enhancing the organization’s public cloud security strategy. This role serves as a critical partner between the Enterprise Security Risk Organization (ESRO) and the Enterprise Technology Infrastructure and Platform Services (ETIPS) to ensure robust and effective cloud security measures.

Key Responsibilities:

• Security Strategy: Collaborate with ESRO and ETIPS to develop and implement a comprehensive public cloud security strategy.
• Security Architecture: Design and maintain secure cloud architectures, ensuring compliance with industry standards and best practices.
• Risk Management: Identify, assess, and mitigate security risks associated with public cloud environments.
• Incident Response: Lead incident response efforts for cloud security breaches, including investigation, containment, and remediation.
• Compliance: Ensure compliance with relevant regulations and standards specific to public cloud environments.
• Security Monitoring: Implement and manage security monitoring tools to detect and respond to threats in real-time.
• Collaboration: Partner with ESRO and ETIPS teams to integrate security measures into cloud services and applications.
• Policy Development: Develop and enforce security policies and procedures specific to public cloud environments.
• Audit and Assessment: Conduct regular security audits and assessments to ensure the effectiveness of security measures.
• Vulnerability Management: Test and identify network and system vulnerabilities, developing strategies to mitigate them.
• Documentation: Prepare and document standard operating procedures and protocols for security operations.

Qualifications:

• Proven experience in cloud security strategy and architecture.
• Strong knowledge of risk management and incident response.
• Familiarity with compliance regulations and security monitoring tools.
• Excellent collaboration and communication skills, with experience partnering between security and IT organizations.
• Ability to conduct training and develop security policies.
• Experience in conducting security audits and assessments.
• Public Cloud Security Experience: Demonstrated experience with public cloud security in AWS, Azure, or both.
• Demonstrated ability to build and maintain relationships with business leaders and stakeholders.

 At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.