Sr Director, Strategic Technology and Security Risk – Remote

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

This senior executive role leads the design, execution, and transformation of enterprise-wide risk governance and compliance programs, ensuring adherence to regulatory frameworks such as NYDFS, HIPAA, HITRUST, and SOX. The VP embeds NIST-aligned, risk-informed decision-making into business and security operations while governing risks tied to AI innovation, cloud adoption, and digital transformation.

The role is pivotal for identifying, quantifying and governing strategic and emerging ris, including a focus on cloud adoption, digital transformation, and M&A risk integration.  Ensures that the enterprise anticipates, withstands and recovers from disruptions while reducing risk in acquisitions, cloud migrations and vender integrations and still ensures alignment to the enterprise’s risk appetite and long-term strategy.  Acting as a trusted advisor to the C-suite and Board, this leader ensures the resilient, compliant and is prepared for disruption.

You’ll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

Primary Responsibilities:

• Strategic Foresight:  Anticipate and evaluate emerging risks tied to digital information, AI, M&A and regulatory changes.   Conduct M&A risk due diligence, focusing on cloud, cybersecurity, regulatory and compliance gas pre and post-close
• Predictive Insights: Delivers predictive, AI-driven risk dashboards and scenario analysis for executives.  Act as the enterprise authority on resilience and strategic risks tied to cloud adoption, digital transformation, and acquisition activity, ensuring alignment with risk appetite and long-term growth objectives
• Resilience Leadership: Oversees cloud resilience strategies (redundancy, failover, dependency mapping) across multi-cloud ecosystems.  Develop and present executive-ready storylines, risk insights, and recovery timelines that illuminate enterprise exposures in cloud, digital services, and M&A transactions for the Board and C-suite
• Governance Alignment:  Ensures compliance with NIST< ISO, SOX, NYDFS and other regulatory frameworks
• Culture & Influence:  Drive a risk-aware culture, balancing innovation with compliance. Aligns risk management to long-term enterprise strategy and growth objectives.  Serves as the senior risk voice in enterprise transformation programs, major technology initiatives, and large-scale vendor engagements, ensuring risk transparency and resilience outcomes

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• Bachelor’s degree in Business, Information Security, Risk Management, Finance, or related field 
• Professional certifications such as CRISC, CISA, CISSP, CISM, CPA, CIA, or equivalent required; additional credentials in cloud (AWS, Azure, GCP) or M&A/financial risk a plus
• 20+ years of progressive experience in risk management, compliance, cybersecurity, or enterprise resilience, with
• 7+ years in senior leadership roles
• Hands-on experience designing and executing cloud resilience strategies (redundancy, failover, dependency mapping) in multi-cloud environments
• Significant experience advising Boards, Audit Committees, and Risk Committees on strategic risk exposures and resilience strategies
• Experience leading and developing large cross-functional teams in matrixed environments, including managing leaders of leaders
• Demonstrated success leading enterprise risk governance in complex, regulated industries (e.g., financial services, healthcare, insurance, or technology)
• Proven track record conducting M&A risk due diligence and integrating acquired entities into enterprise control frameworks
• Leadership in implementing GRC platforms (e.g., Archer, ServiceNow GRC, or similar) and advancing risk automation
• Solid record of driving enterprise-wide transformation, risk transparency, and regulatory alignment through metrics, reporting, and advisory

Preferred Qualification:

• Advanced degree (MBA, MS in Risk Management, Cybersecurity, or related discipline)

Core Competencies

• Strategic Risk Leadership – Ability to shape enterprise risk appetite, advise Boards/C-suites, and integrate resilience into business strategy
• Cloud & Technology Fluency – Deep understanding of cloud ecosystems, resilience engineering, and digital transformation risk
• M&A Risk Expertise – Skilled in risk due diligence, post-close integration, and identifying regulatory, compliance, and cyber exposures in complex transactions
• Executive Communication – Solid capability to develop concise, executive-ready storylines and present complex risks in a Board-facing environment
• Regulatory & Framework Knowledge – Expertise in NYDFS, HIPAA, HITRUST, SOX, PCI-DSS, ISO 27001, NIST CSF, and COSO frameworks
• Change Leadership – Proven ability to drive cultural adoption of risk practices across the three lines of defense in highly matrixed organizations
• Analytical & Data-Driven – Proficiency in developing and interpreting KRIs, risk dashboards, and predictive risk intelligence models
• Collaboration & Influence – Solid stakeholder management and cross-functional leadership skills with the ability to influence at the executive level

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $156,400 to $268,000 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.