Chief Information Security Officer, CISO – OptumServe – Minneapolis, MN or Telecommute

at UnitedHealth Group
Location Atlanta, GA
Date Posted April 21, 2021
Category Default
Job Type Full-time

Description

Optum, a part of the UnitedHealth Group family of businesses, continues to evolve and make a bigger impact through its extensive expertise in combining technology, data and people to create novel health care solutions and services across the globe. OptumServe is following suit by creating and delivering care that meets the health needs of active duty service members, veterans and their families. We're partnering with federal and state government agencies to meet the readiness and health needs of active duty military members and veterans by providing preventive health screenings and assessments to ensure that troops are ready to answer the call of duty. For those who want to intensify their impact in a career that brings together challenge, learning and growth, OptumServe is the right place to do your life’s best work.(sm)

The Chief Information Security Officer (CISO) is accountable for leading the information security function in a manner that securely supports strategic mission and business-aligned risk mitigation practices.

The CISO is chartered with overseeing OptumServe’s Information Security program and aligning the program with the Enterprise Information Security (EIS) program, policies and procedures.

The CISO will ensure OptumServe’s leadership as well as Enterprise Information Security leaders (Optum CISO, UHG CISO) are aware of existing and potential information security risks. The CISO will maintain solid relationships with business partners to help secure business support and drive risk-mitigation initiatives as enablers of business growth and transformation.

You’ll enjoy the flexibility to telecommute* from anywhere within the United States as you take on some tough challenges.

Primary Responsibilities: 
The CISO partners with Enterprise Information Security in driving the enterprise to continuously improve its security decision-making and risk mitigation capabilities including:

  • Strengthens business relationships through the information security team, forming closer relationships with LoB and technology teams across the enterprise
  • Partners with the business to align business and information security strategies and capture the value of security investments to safeguard enterprise assets
  • Aligns business operations and critical information assets to institute strategic governance that prioritizes information security investments and ensures that security and business resources and budgets are fully aligned to execute the priorities of the organization and deliver expected results
  • Monitors the effectiveness of the security program, processes, and controls in place, addressing considerations such as whether controls are working as intended, data is secure, and information is properly shared. Monitors processes that safeguard the confidentiality, integrity, and availability of data and drive the overall security program
  • Measures and reports on information security risks to keep stakeholders informed and meet compliance, regulatory and customer requirements

Key Actions:

  • Leverage deep business knowledge and act as a credible partner who provides business-centric advice on how risk management can help the business
  • Utilize business, negotiation and relationship skills to obtain buy-in and support from executive leadership
  • Educate and partner with business units to accomplish tasks instead of regularly enforcing requirements and consequences when the organization falters
  • Track progress through metrics to show how information security has helped enable the business. The metrics should be meaningful and tied back to the business’ strategic initiatives
  • Demonstrate and correlate how cyber security risk reduction enables secure operations, prevents and/or mitigates business loss, and is a competitive advantage and business differentiator

Outcomes

  • Alignment of key growth drivers with business value in the organization to how they are protected
  • Identification of threats and vulnerabilities providing greatest cyber risk exposure to the business value drivers.
  • Mapping the foundational capabilities and practices in place to protect our critical assets
  • Measuring the effectiveness for monitoring, detecting and responding to cyber risk with metrics that demonstrate we are effectively protecting OptumServe and the enterprise

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications: 

  • 8+ years of IT security experience
  • Background in Federal government work, including an understanding of government publications NIST SP 800-53, CMMC, HIPAA, etc.
  • Experience with Certification and Accreditation (C&A) activities with federal government to include 
  • Experience with developing NIST Security Documentation such as the System Security Plan (SSP) or Information Security Risk Assessment (ISRA)
  • Excellent technical writing skills 
  • If you need to enter a work site for any reason, you will be required to screen for symptoms using the ProtectWell mobile app, Interactive Voice Response (i.e., entering your symptoms via phone system) or similar UnitedHealth Group-approved symptom screener. When in a UnitedHealth Group building, employees are required to wear a mask in common areas. In addition, employees must comply with any state and local masking orders

Preferred Qualifications: 

  • Bachelor’s degree or higher 
  • CISSP, CISM or equivalent certifications 
  • Ability to work effectively in a fast paced and changing environment, balance multiple tasks and priorities, and meet deadlines

Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make health care work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.(sm)

Colorado Residents Only: The salary range for Colorado residents is $130,300 to $250,200. Pay is based on several factors including but not limited to education, work experience, certifications, etc. As of the date of this posting, in addition to your salary, UHG offers the following benefits for this position, subject to applicable eligibility requirements: Health, dental, and vision plans; wellness program; flexible spending accounts; paid parking or public transportation costs; 401(k) retirement plan; employee stock purchase plan; life insurance, short-term disability insurance, and long-term disability insurance; business travel accident insurance; Employee Assistance Program; PTO; and employee-paid critical illness and accident insurance.

*All Telecommuters will be required to adhere to UnitedHealth Group’s Telecommuter Policy.
 

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. 

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

