UnitedHealth Group
Senior Info Sec Risk Auditor - Remote - 2300335
UnitedHealth Group, Circle Pines, Minnesota, United States, 55014
Join Our Team
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities:
Specific responsibilities include but are not limited to: Assists with the development and execution of Information Risk Governance department operations, methodology, technologies and tools. Helps drive continuous improvement efforts in alignment with direction provided by leadership and industry standards Manages the execution and delivery of IT Security Risk and Compliance assessments for a variety of technology and systems in both on-prem, and cloud environments in a timely manner and by meeting the expected quality standards Leads a team of analysts by setting expectations for the project deliverable, individual performance, deliverable and timelines Establishes the scope of projects, creates detailed assessment procedures, assigns the deliverables to the team, reviews deliverables for quality, provides feedback and coaching, and ensures project completion to professional and departmental standards. Provides staff with professional and technical expertise and guidance to ensure that project objectives and scope are satisfied. This includes assisting staff members and contractors in the development and negotiation of recommendations and responses, evaluating the performance of the team, and providing guidance regarding department and company policies and procedures Successfully identifies, addresses, manages and/or escalates risks and issues within a project to the segment lead Translates highly complex concepts in ways that can be understood by a variety of audiences Demonstrate flexibility and adaptability by supporting a variety of projects and initiatives as assigned by leadership to help achieve key organizational priorities and objectives Value Based Competencies
Integrity Value: Act Ethically Compassion Value: Focus on Customers Relationships Value: Communicate Effectively Innovation Value: Support Change and Innovation Performance Value: Make Fact-Based Decisions Performance Value: Deliver Quality Results Youll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications:
Bachelors Degree in Information Technology or related field At least one IT Security/Audit certification such as CISA, CCSP, CCSK 5+ years of IT audit experience, including auditing ITGC controls and applying IT security and internal control concepts 4+ years of experience in Compliance, Risk, and Governance 2+ years of experience interpreting and applying regulatory requirements, including the NYDFS (New York Department of Financial Services) Cybersecurity Regulation and HIPAA Security Rule Working knowledge of IT Control/Security frameworks (e.g., ICFR, SOC), plus familiarity with at least two others (HITRUST, NIST, FedRAMP, ISO, CMS MARS-E, StateRAMP, etc.) Familiarity with Cloud Security frameworks and applicable security standards/regulations (e.g., PCI-DSS, SOC2, ISO 27001, HITRUST, NIST) Preferred Qualifications:
CISSP, CISM, CIPT, CSFP, ISA, CIA 2+ years supervisory experience of individuals/teams Experience in health insurance systems Experience in developing, implementing, and managing information security policies, procedures, and standards to support organizational security objectives and regulatory compliance Experience working in complex IT environments Proven excellent communication and presentation skills Proven solid coordination and planning skills with the ability to manage projects independently Proven solid interpersonal, oral, and written communication skills Proven to be resourceful and able to manage multiple tasks and shift priorities Direct Reports: Typically 0 direct reports. Typically 0 indirect reports. All employees working remotely will be required to adhere to UnitedHealth Groups Telecommuter Policy. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, youll find a far-reaching choice of benefits and incentives. The salary for this role will range from $89,900 to $160,600 annually based on full-time employment. We comply with all minimum wage laws as applicable. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes
an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities:
Specific responsibilities include but are not limited to: Assists with the development and execution of Information Risk Governance department operations, methodology, technologies and tools. Helps drive continuous improvement efforts in alignment with direction provided by leadership and industry standards Manages the execution and delivery of IT Security Risk and Compliance assessments for a variety of technology and systems in both on-prem, and cloud environments in a timely manner and by meeting the expected quality standards Leads a team of analysts by setting expectations for the project deliverable, individual performance, deliverable and timelines Establishes the scope of projects, creates detailed assessment procedures, assigns the deliverables to the team, reviews deliverables for quality, provides feedback and coaching, and ensures project completion to professional and departmental standards. Provides staff with professional and technical expertise and guidance to ensure that project objectives and scope are satisfied. This includes assisting staff members and contractors in the development and negotiation of recommendations and responses, evaluating the performance of the team, and providing guidance regarding department and company policies and procedures Successfully identifies, addresses, manages and/or escalates risks and issues within a project to the segment lead Translates highly complex concepts in ways that can be understood by a variety of audiences Demonstrate flexibility and adaptability by supporting a variety of projects and initiatives as assigned by leadership to help achieve key organizational priorities and objectives Value Based Competencies
Integrity Value: Act Ethically Compassion Value: Focus on Customers Relationships Value: Communicate Effectively Innovation Value: Support Change and Innovation Performance Value: Make Fact-Based Decisions Performance Value: Deliver Quality Results Youll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications:
Bachelors Degree in Information Technology or related field At least one IT Security/Audit certification such as CISA, CCSP, CCSK 5+ years of IT audit experience, including auditing ITGC controls and applying IT security and internal control concepts 4+ years of experience in Compliance, Risk, and Governance 2+ years of experience interpreting and applying regulatory requirements, including the NYDFS (New York Department of Financial Services) Cybersecurity Regulation and HIPAA Security Rule Working knowledge of IT Control/Security frameworks (e.g., ICFR, SOC), plus familiarity with at least two others (HITRUST, NIST, FedRAMP, ISO, CMS MARS-E, StateRAMP, etc.) Familiarity with Cloud Security frameworks and applicable security standards/regulations (e.g., PCI-DSS, SOC2, ISO 27001, HITRUST, NIST) Preferred Qualifications:
CISSP, CISM, CIPT, CSFP, ISA, CIA 2+ years supervisory experience of individuals/teams Experience in health insurance systems Experience in developing, implementing, and managing information security policies, procedures, and standards to support organizational security objectives and regulatory compliance Experience working in complex IT environments Proven excellent communication and presentation skills Proven solid coordination and planning skills with the ability to manage projects independently Proven solid interpersonal, oral, and written communication skills Proven to be resourceful and able to manage multiple tasks and shift priorities Direct Reports: Typically 0 direct reports. Typically 0 indirect reports. All employees working remotely will be required to adhere to UnitedHealth Groups Telecommuter Policy. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, youll find a far-reaching choice of benefits and incentives. The salary for this role will range from $89,900 to $160,600 annually based on full-time employment. We comply with all minimum wage laws as applicable. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes
an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.