Sr Director, Cloud Security – Eden Prairie or Washington, DC Hybrid

Optum Tech is a global leader in health care innovation. Our teams develop cutting-edge solutions that help people live healthier lives and help make the health system work better for everyone. From advanced data analytics and AI to cybersecurity, we use innovative approaches to solve some of health care’s most complex challenges. Your contributions here have the potential to change lives. Ready to build the next breakthrough? Join us to start Caring. Connecting. Growing together.

 

The Senior Director of Cloud Security is the senior leader responsible for the overall cloud security strategy and execution and golden images security for on prem and cloud systems security across the enterprise. This role leads a team focused on designing, implementing, and maintaining the foundations that enable secure cloud environments. This role also responsible securing golden images (containers, vm, etc.) for both on-premises and in the cloud. The Senior Director partners closely with ETIPS ( Enterprise Technology Infrastructure, Platforms & Services) cloud teams and other stakeholders to ensure robust, scalable, and compliant security solutions are embedded throughout the organization’s technology landscape.

 

Role Objectives & Impact:

• Establish and mature a unified operating model for cloud and systems security, enabling seamless engagement across Enterprise security and resilience office (Engineering, Cyber, Architecture) and ETIPS teams
• Develop and enforce security standards in partnership with Security Architecture and golden image baselines in all environments, ensuring consistency, compliance, and rapid deployment
• Drive proactive security planning and operational readiness for cloud landing zones, reducing friction and enabling business agility
• Partner with ETIPS teams to embed security by default into cloud platform features, backlog grooming, and service adoption
• Measure and improve the security posture of cloud entities and system images, shifting assessments earlier in the lifecycle and supporting continuous improvement

Scope of Ownership vs. Partnership:
Owns:

• Cloud security roadmap an execution
• Development, maintenance, and governance of security requirements of golden images on- premises and cloud
• Guardrails, and technical baselines for cloud and systems security
• Product engineering roadmap for core cloud security services
• Toolchain rationalization (build vs. buy vs. deprecate) for cloud and systems security platforms

Partners:

• ETIPS Cloud teams for planning, policy rollout, service adoption, and integration of security features
• Business Unit CIOs and platform teams to ensure security standards are embedded in ways of working
• Cyber Defense, Incident Response, and SOC teams for incident preparedness and joint exercises, and ensuring that all cloud environments have defensive visibility
• Internal Audit, Compliance, and GRC teams for regulatory alignment and audit readiness
• Finance and Procurement for rationalization and operationalization of purchased security capabilities

Core Responsibilities:

• Lead and develop the Cloud and Systems Security team, providing direction, coaching, and performance management
• Design, document, and maintain secure cloud landing zones and golden images for operating systems in partnership with ETIPS
• Standardize policy execution and operational metrics across cloud and systems platforms
• Direct the product/backlog for scalable security capabilities and ensure efficient intake/prioritization with ETIPS
• Operate shared guardrails (IAM baselines, encryption, policy sets) with clear SLAs, SLOs, and health dashboards
• Make toolchain choices (build, buy, deprecate) to maximize ROI and speed to operational maturity
• Lead joint technical readiness and incident response exercises with ETIPS and partner teams
• Establish war-room protocols and continuous improvement loops, integrating lessons learned into backlog
• Serve as a trusted leader breaking down silos between Security, Infrastructure, and Application teams
• Own and lead engagement with cloud service providers (AWS, Azure, GCP): run QBRs, influence roadmaps, and accelerate adoption of platform-native security features
• Improve posture maturity for integrated cloud entities and golden images; strengthen upstream assessments and cross-cloud IAM

 

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 10+ years in infrastructure, cloud, and systems security for large, complex organizations in regulated domains
• 7+ years leading cloud and/or systems security teams in multi-cloud environments
• Deep experience with cloud service provider engagement (AWS, Azure, GCP) and native service integration
• Proven success developing and maintaining golden images for operating systems (Windows, Linux, etc.) in both on-premises and cloud environments
• Demonstrated ability to build low-friction engagement models across Security, Infrastructure, and Application teams
• Experience with toolchain rationalization and rapid operationalization (build vs. buy)
• Background in identity & access management, policy baselines, and security posture management
• Executive engagement with cloud service providers and technology leaders (QBRs, roadmap influence)
• Thought leadership in cloud and systems security

 

Preferred Qualifications:

• Relevant certifications (CISSP, CCSP, AWS/Azure Security)
• Experience partnering with incident response and audit teams
• Familiarity with regulatory frameworks (NIST, ISO, HITRUST, HIPAA)

• M&A cloud integration experience

   

 

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy.

 

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $159,300 to $273,200 annually based on full-time employment. We comply with all minimum wage laws as applicable.

 

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

 

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

 

 

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

 

UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.