Assistant Manager – Compliance

Opportunities with Episource, part of the Optum family of businesses. Join a premier provider of risk adjustment services, software and solutions that’s fueling innovation in the health care industry. Start a rewarding career where your work will empower health plans and medical groups with comprehensive end-to-end solutions designed to navigate health care efficiently. Our culture is rooted in innovation, encouraging our team to stay curious and engaged. By joining us, you become part of a global, remote/hybrid-friendly team dedicated to bridging health care gaps with a solid sense of social responsibility. At Episource, we are enriching lives, including those of our team members through Caring. Connecting. Growing together.

Primary Responsibilities:

• Leads the design, implementation, operation, and maintenance of the Information Security Management System based on the ISO 27000 series standards, including certification against ISO 27001 where applicable 
  
• Create & maintain policies & documentation to demonstrate adherence to compliance standards 
  
• Ensure adherence to external and internal security standards (HIPPA/HITECH/ISO) 
  
• Coordinate compliance training and awareness programs for employees to ensure they are informed about compliance requirements 
  
• Maintain accurate and organized records of compliance activities and documentation, ensuring accessibility and completeness 
  
• Assist in identifying and assessing potential compliance risks within the organization, then develop and implement strategies to mitigate those risks 
  
• Prepare regular reports on compliance activities and compliance status, making recommendations for improvement as needed 
  
• Work closely with cross-functional teams, including legal, operations, and HR, to ensure alignment on compliance initiatives 
  
• Report to top management on the performance of the SOC Type 2, ISO 27001, HIPAA, and any need for improvement 
  
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

• Certification as Lead Auditor/implementor in ISO 27001 
• At least 7 – 10 years of full-time work experience in role like information security management, ISO auditor and/or related functions 
• Experience working in high performance teams & should deliver as an individual contributor 
• Proficient in MS tools  
• Proven excellent communication & writing skills 
• Proven solid interpersonal skills 
• Proven ability to work under pressure, while maintaining a positive attitude and providing exemplary support to the team 
• Proven ability to prioritize projects and solid problem-solving skills 

Preferred Qualification: 

• Certification like CISSP or CISM

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.