< Back to results
International Segment Information Security Officer
- Full Time
- Mid-Senior Level
Optum, the fastest growing part of UnitedHealth Group, is a leading information and technology-enabled health services business. Our teams are dedicated to modernizing the health care system and improving the lives of people and communities.
Serving virtually every dimension of the health system, we work with a diverse set of clients across 150 countries – from those who diagnose and treat patients to those who pay for care, deliver health services, and those who supply the cures. Optum maintains operations across North America, South America, Europe, Asia Pacific and the Middle East. Our innovative partnerships provide technology and tools that enable unprecedented collaboration and efficiency. As a result, we can tap into valuable health care data to uncover insights and develop strategies for better care at lower costs.
The International Segment Information Security Officer (SISO) supports and provides oversight of the day-to-day operation of the information security management system and risk management program for assigned non-integrated international entities and ensures overall alignment to Enterprise Information Security (EIS) processes and programs. The SISO acts as a representative of the UHG Chief Information Security Officer (CISO) and is the international business entities central point of contact for security support and oversight. The SISO is deemed a critical integration point with the business and is considered a change agent for the business in understanding security risks and the role and responsibilities of EIS, as well as ensuring that EIS fully understands and is engaged to support the needs, objectives and priorities of the international business entity.
The SISO is a direct report to the Business Information Security Officer (BISO) and is also aligned closely with the local CISO and IT leadership team.
- Work with business lines across Europe to integrate them into risk prioritized cyber security processes and controls.
- Partner with product and engineering leads to drive security strategies into product lines, influencing security within the delivery and engineering processes, performing security design and code reviews and providing security engineering support through the development of architecture, engineering and code patterns.
- Participate in security incident response processes on a per-occurrence basis
- Serve as a regional point of contact for EIS policy and process issues and escalations
- Partner with international entities and help drive major programs or change initiatives aimed at increasing the enterprise security capabilities
- Communicate directly to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios
- Maintain a deep understanding of the business, our patients and healthcare-delivery models. This understanding includes key systems, key contacts, priorities and concerns within the business and IT.
- Maintain current knowledge on information security topics and their applicability to the enterprise and the healthcare industry.
- Drive direct engagement with product teams to ensure healthcare applications are secure.
- Strong application process flow and problem-solving techniques and experience in designing & implementing security architecture for healthcare applications
- Ability to communicate technical security risks in a manner that resonates with business leaders
- Ability to engage and communicate directly with senior leaders and influence risk decisions
- Relates well to constraints experienced by business partners and finds practical, win-win solutions
- Good understanding of authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP)
- Ability to analyze customer needs; ensures solutions meet business and security requirements
- Holds self and others accountable for meeting customer needs and expectations in a timely, professional manner
- Maintains high personal accountability; takes ownership of issues, develops effective remediation approaches, and drives for results
- Employs business acumen to develop appropriate solutions and solve problems
- Understands business risks and business objectives
- Understands health care delivery and provider environments
- Able to translate business needs into information security requirements
- Able to establish and manage to a planned set of related activities with a focus on hitting deadlines
- You will be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role, as well as providing development for other roles you may be interested in.
- Bachelor’s degree in an IT related discipline or equivalent experience
- Experience working in large and highly regulated organizations
- Experience measuring and managing security maturity in alignment with ISO 27001
- Experience with practical interpretation and application of policy and standards
- Current security certifications like CISSP, CCSP, CEH, etc. or able to develop within 12 months
- Demonstrable experience with public cloud platforms (AWS, Azure, GCP)
- Experience with technologies such as Palo Alto, F5, FireEye, Moloch and DAST, SAST and IAST tools
- Subject matter expert knowledge of the technology aspects of security
Careers with Optum. Here’s the idea. We built an entire organization around one giant objective; make the health system work better for everyone. So when it comes to how we use the world’s large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life’s best work.SM
Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application.
Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.