Senior Info Sec Risk Auditor – Remote

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.

This individual is a functional expert in IT security risk and audit, responsible for leading and executing complex assessments with minimal supervision. The role contributes to the achievement of Information Risk Governance (IRG) goals and objectives by managing projects, identifying IT security risks, and driving continuous improvement.

You’ll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges.

Primary Responsibilities:

Specific responsibilities include but are not limited to:

• Assists with the development and execution of Information Risk Governance department operations, methodology, technologies and tools. Helps drive continuous improvement efforts in alignment with direction provided by leadership and industry standards
  
• Manages the execution and delivery of IT Security Risk and Compliance assessments for a variety of technology and systems in both on-prem, and cloud environments in a timely manner and by meeting the expected quality standards 
  
• Leads a team of analysts by setting expectations for the project deliverable, individual performance, deliverable and timelines
  
• Establishes the scope of projects, creates detailed assessment procedures, assigns the deliverables to the team, reviews deliverables for quality, provides feedback and coaching, and ensures project completion to professional and departmental standards.
  
• Provides staff with professional and technical expertise and guidance to ensure that project objectives and scope are satisfied. This includes assisting staff members and contractors in the development and negotiation of recommendations and responses, evaluating the performance of the team, and providing guidance regarding department and company policies and procedures
  
• Successfully identifies, addresses, manages and/or escalates risks and issues within a project to the segment lead
  
• Translates highly complex concepts in ways that can be understood by a variety of audiences
  
• Demonstrate flexibility and adaptability by supporting a variety of projects and initiatives as assigned by leadership to help achieve key organizational priorities and objectives
  

Value Based Competencies

• Integrity Value: Act Ethically
  
• Compassion Value: Focus on Customers
  
• Relationships Value: Communicate Effectively
  
• Innovation Value: Support Change and Innovation
  
• Performance Value: Make Fact-Based Decisions
  
• Performance Value: Deliver Quality Results
  

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• Bachelor’s Degree in Information Technology or related field
• At least one IT Security/Audit certification such as CISA, CCSP, CCSK
• 5+ years of IT audit experience, including auditing ITGC controls and applying IT security and internal control concepts
• 4+ years of experience in Compliance, Risk, and Governance
• 2+ years of experience interpreting and applying regulatory requirements, including the NYDFS (New York Department of Financial Services) Cybersecurity Regulation and HIPAA Security Rule
• Working knowledge of IT Control/Security frameworks (e.g., ICFR, SOC), plus familiarity with at least two others (HITRUST, NIST, FedRAMP, ISO, CMS MARS-E, StateRAMP, etc.)
• Familiarity with Cloud Security frameworks and applicable security standards/regulations (e.g., PCI-DSS, SOC2, ISO 27001, HITRUST, NIST)

Preferred Qualifications:

• CISSP, CISM, CIPT, CSFP, ISA, CIA
• 2+ years supervisory experience of individuals/teams
• Experience in health insurance systems 
• Experience in developing, implementing, and managing information security policies, procedures, and standards to support organizational security objectives and regulatory compliance
• Experience working in complex IT environments
• Proven excellent communication and presentation skills
• Proven solid coordination and planning skills with the ability to manage projects independently
• Proven solid interpersonal, oral, and written communication skills
• Proven to be resourceful and able to manage multiple tasks and shift priorities

Direct Reports

• Typically 0 direct reports
• Typically 0 indirect reports

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy.

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $89,900 to $160,600 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.