Sr. Manager, Information Security Risk Management

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

 

The Optum Serve Information Security Team has an exciting Senior Manager Level opportunity leading the Supplier Risk Governance program. The Senior Manager will collaborate with Optum Serve Business Partners as well as other Optum and Enterprise risk teams to ensure program alignment with enterprise policies, standards and associated processes. This role will report directly to the Optum Serve CISO.

 

You’ll enjoy the flexibility to work remotely* from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

 

Primary Responsibilities:

• Lead the ongoing execution of the supplier governance program ensuring the framework continues to address emerging risks
• Oversee supplier due diligence processes and ongoing monitoring to propose mitigation plans to reduce supplier risks
• Partner with key stakeholders to assist with supplier sourcing contracting, pipeline activity and onboarding
• Researches and consults with internal experts to understand and document risks identified through risk evaluations and the due diligence processes
• Assist in the negotiation of sourcing contracts to ensure appropriate security language is in place for high-risk suppliers
• Provide overall direction to business partners relative to Supplier Risk and Governance best practice
• Identifies and communicates third-party risks to business owners and other stakeholders during the Sourcing process
• Escalate issues or risks internally as appropriate
• Partners with stakeholders, matrix partners, and other subject matter experts to continuously improve our third-party risk processes
• Develop and disseminate consistent, standardized materials for use with Optum Serve associates, business units, and suppliers. Work with other corporate organizations to ensure complete alignment
• Foster a «partnering» culture with members of Optum Serve supply chain to ensure value is derived and to drive innovation and productivity
• Recommends changes and improvements as needed to procurement and vendor management teams across enterprise risk team and procurement that may improve third party risk mitigation

 

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications

• 5+ years of supplier management or related experience
• 5+ years of experience in Information Security and Supplier Risk Management in include third party contractual oversight and negotiation, experience in navigating large and complex enterprise Sourcing and Procurement environments to include Procurement or Sales/Servicing related experience
• 3+ years managing risk and governance practices
• 2+ years of experience with common security frameworks (NIST 800-53 & 800-171, ISO 27001, CMMC, HITRUST, etc.) 
• 2+ years of experience working with ARCHER Enterprise Governance, Risk and Compliance (eGRC) platform
• If you are offered this position, you will be required to provide extensive personal information to obtain and maintain a suitability or determination of eligibility for a Confidential/Secret or Top Secret security clearance as a condition of your employment

 

Preferred Qualifications:

• Bachelor’s degree in Information Technology, Computer Engineering or related field
• 5+ years of experience compiling reports, summaries, and presentations to communicate findings to key stakeholders within the business
• 2+ years of experience with business law, legal contracts and various financial issues.
• 2+ years of experience with third-party risk management, due diligence concepts and industry related best practices

 

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy.

 

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $110,200 to $188,800 annually based on full-time employment. We comply with all minimum wage laws as applicable.

 

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. 

 

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

 

 

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

 

UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.