Senior Manager InfoSec Engineer – AIML Security Governance

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.  

The Segment Information Security Officer (SISO) for AIML division, lays a pivotal role within the Enterprise Security and Resilience Office responsible, for the security governance and assurance of enterprise-scale Artificial Intelligence and Machine Learning (AIML) applications. Reporting directly to the Business Information Security Officer, the SISO position is integral to ensuring robust information security practices, risk governance, and compliance across all aspects of AIML engineering initiatives. The SISO will drive proactive security engagement, foster a culture of security awareness, and enable secure innovation in a rapidly evolving technology environment.

The successful candidate will be reporting to the Senior Director level officer in the US and work closely with the with the business, and teammates in India and globally.

Primary Responsibilities:

• Security Engagement & Collaboration: Act as the primary security advisor within the AIML engineering teams, collaborating closely with Sr Leadership (VP level) SISO to align security objectives with business and technology goals. Facilitate regular communications between engineering, risk, compliance, and enterprise security teams to ensure consistent security practices
• Risk Assessment & Management: Identify, assess, and manage security risks associated with AI/ML models, data pipelines, and associated technology infrastructure. Support threat modeling, vulnerability assessments, and secure design reviews across the AIML lifecycle
• Policy Implementation: Assist in the interpretation and implementation of enterprise security policies, standards, and controls within the technology segment, ensuring compliance with regulatory requirements and best practices for AIML development
• Incident Response & Investigation: Support prompt identification, investigation, and resolution of security incidents and vulnerabilities in AIML systems. Assist SG31 SISO in coordinating responses, documentation, and root cause analysis
• Awareness & Training: Champion security awareness initiatives tailored to engineering teams, including secure coding practices, responsible AI, data privacy, and adversarial threat mitigation in AI/ML ecosystems
• Project Security Assurance: Partner with project managers and engineers to embed security requirements into project plans and deliverables. Conduct security reviews and sign-offs at critical project milestones
• Regulatory & Compliance Support: Aid in preparing for internal and external audits, ensuring that AIML solutions comply with industry, regulatory, and enterprise requirements
• Continuous Improvement: Stay abreast of evolving threats, industry trends, and emerging regulatory landscapes affecting AIML. Recommend and drive improvements to security controls, tools, and processes
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

• Bachelor’s degree in computer science, Information Security, Engineering, or related field; Master’s degree or relevant professional certifications (CISSP, CISM, CCSP, etc.) are advantageous
• 12+ years of total experience and 3+ years in information security, preferably with exposure to AI/ML systems, software engineering, or cloud technologies
• Solid understanding of AIML concepts, data security, model lifecycle, and AI/ML-specific threats (e.g., data poisoning, model inversion, adversarial attacks)
• Solid familiarity with security frameworks (NIST, ISO 27001, etc.), secure SDLC, and cloud security best practices
• Demonstrated excellent communication and interpersonal skills, with the ability to engage technical and non-technical stakeholders alike
• Demonstrated analytical, organizational, and problem-solving abilities
• Demonstrated ability to work collaboratively and effectively under the direction of the Senior leadership and within a matrixed security environment

Preferred Qualifications:

• Hands-on knowledge of secure programming, data privacy, and ethical AI principles
• Experience in engineering or securing enterprise AI/ML platforms and tools
• Experience assisting with audit, compliance, or risk governance related to technology domains
• Background in security automation, DevSecOps, or machine learning operations (ML Ops)

Points to note:

• Reports to: Sr Leader (VP level) Segment Information Security Officer (SISO)
• Works closely with: Technology Division Leadership, AIML Engineers, Risk & Compliance Teams, Enterprise Security Office
• Flexible to work in and overlap significantly with US West Coast time zone. (Preferably 3 pm to 1 am India time)

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

#njp #SSTech