Segment Information Security Officer – OptumCare – Remote or Hybrid from MN or DC

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

 

The Segment Information Security Officer (SISO) for OptumCare, Mid-America Region will work with technology teams to execute and sustain the security program and strategy. Candidate must be an innovative thinker and have a strong background in cyber security. Leveraging existing locally managed solutions and Optum solutions where applicable, this individual will lead the collective efforts including, but not limited to:

• Vulnerability & exposure management
• Information security monitoring, analysis, and response
• Investigations and data forensics
• Penetration testing
• Security metrics and reporting
• Effective leadership and solutioning skills
• Competency with industry frameworks and regulations including NIST, HIPAA, ISO, etc.
• Audit and assessment
• Identity and Access Management
• Contract reviews
• Security reviews of applications, data, and infrastructure designs, including cloud and locally hosted solutions
• Security review of network solutions including cloud architecture, firewalls, Regional Network Hub technology, data flows, voice, and video

 

If you are located in MN or DC, you will have the flexibility to work remotely*, as well as work in the office as you take on some tough challenges.

 

Primary Responsibilities:

• Ensure compliance with industry, regulatory and contractual security requirements of all products, customers, and assigned areas
• Provides analysis of and suggested solutions to complex Cyber Security issues, as well as complex conceptual analysis, building and maintaining key security and contract metrics
• Lead programs that will minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization
• Collaborates with leadership to initiate, facilitate, and promote activities to foster information security awareness within the organization
• Lead a multi-organizational security team to foster growth and continued maturation of various security programs in the organization
• Provides expertise/analysis for the management/implementation of budgets, forecasts, and resource planning strategies in support of client engagement
• Provides direction and collaboration with other senior leadership, directors, managers, and stakeholders in the mitigation of risks within the IT Security infrastructure, Business Unit Solution as well as the overall organization
• Creates a culture of physical and information security within the organization and drives behavioral changes for the business. Conducts, designs, and provides security training for staff. Initiates, facilitates, and promotes activities to foster information security awareness within the organization and related entities
• Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to evaluate the risk in the context of the organization and to mitigate risk
• Ensure that the risk management and access control needs of the organization are addressed
• Travel up to 10% of the time

 

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 5+ years of information security/ technology/ engineering/ or operations experience
• 3+ experience leading an information security team or program (manager or senior manager level)
• 3+ years of experience translating business needs and priorities into applicable IT solutions and/or strategies
• 3+ years of experience working with external auditors, regulatory bodies, and internal customers
• 3+ years of experience reviewing IT and/or security related contracts  
• 3+ years of experience combining security requirements and business needs into applicable IT solutions and/or strategies
• Experience with cyber security standards/organizations (such as SOX, HIPPA, PCI DSS, ITIL, NIST, COBIT, IETF, IEEE)
• Hands-on knowledge of modern security domains:  
  • Identity & access management
  • Cloud security (Azure, AWS, GCP)
  • Network and endpoint security
  • Data protection & privacy
  • Security incident response
• Understanding of secure architecture principles for cloud, hybrid, and on-prem environments
• Proven solid management presence with the ability to influence local and remote personnel at varying levels (including executives, physicians, and other non-technical business leaders)
• Proven solid communicator with demonstrated collaboration, analytical, and critical thinking skills to achieve business goals, while balancing security and technology objectives

 

Preferred Qualifications:

• Advanced security certifications such as; Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Chief Information Security Officer (CCISO)
• Network / security infrastructure / application / system vulnerability and/or threat management experience at the Engineer or Architect level
• Proven ability to negotiate and influence cross-functional teams (IT, engineering, product, operations)
• Proven solid relationship-building skills-trusted advisor mindset

 

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy

 

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700    to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable.

 

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

 

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

 

 

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

 

UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.