The job below is no longer available.

You might also like

in Eden Prairie, MN

Use left and right arrow keys to navigate
Hours Full-time, Part-time
Location Eden Prairie, MN
Eden Prairie, Minnesota

About this job


Security is a market differentiator and critical business function and our customers are demanding excellence. An effective security program is driven from all areas of the business and technology. In this newly created “Technology Security Advisor” role, you will work in partnership with the Information Risk Management (IRM) Business Office Leader and the IRM Operations Leader to develop clear objectives, metrics and execution plans and deliver in accordance with the plans. You will share accountability with IRM to centralize security initiatives within the company, formalizing them as part of our common security strategy. As part of our commercial software delivery organization, you will develop and communicate security requirements to all involved stakeholders.



Specific responsibilities will include the following:




  • Represent the needs of our commercial software organization to IRM and ensure they provide appropriate solutions

  • Create a roadmap of security requirements that is aligned to our go-to-market strategy

  • Ensure incorporation of leading edge security capabilities into our product portfolio 

  • Partner with IRM and the business operators to develop composite metrics and approved risk scores aligned to the business objectives for the segment

  • Work with the Product Lifecycle Management (PLM) team to develop and execute communication plan for Business and IT leaders regarding PLM

  • Develop a financial plan to account for PLM; communicate this plan to IT and Business leaders; ensure that prioritized PLM activities are fully funded and scheduled (5-year plan)

  • Drive the remediation of the prioritized list of application vulnerabilities according to the timing requirements specified by IRM policy (if applicable)

  • Provide feedback to IRM to drive efficiency and clarity so that processes and communications can be improved

  • Partner with the IRM Communications team (“Safe With Me”) to communicate the importance and relevance of current events and changes to IRM policies within their respective organizations

  • Partner with the Common Security Framework (CSF) team to assist with the development of the CSF maturity assessments and objectives

  • Serve as the single point of contact for IRM into their respective organization to manage industry events, security process changes and incidents as appropriate

  • Serve as the single point of contact for IRM into their respective organizations for audit and compliance issues

  • Integrate Security into the technology development  and M&A strategies; focus on getting that security ownership into the business, into those key critical applications that really run the business that are outside the infrastructure and core

  • Security education by commodity vertical – decompose the organization to create security education relevant to the business function. This means going from a “one size fits all” approach to tailored security education program customized to that unique business line – Finance, Clinical, Payer, Provider, etc. 

  • Partner with IRM team to increase the IRM business acumen

  • Partner with the Office of the CIO team to ensure that funding is available as needed for vulnerability remediation and that the remediation work is scheduled into releases to meet the timing

  • Develop and execute a plan to reduce application vulnerabilities by understanding root cause and eliminating common cause (Note: IRM resources will partner with the TSL to provide root cause analysis assistance, training, education and support)

  • Own the monthly report for vulnerability remediation, tracking and progress toward elimination of vulnerabilities

  • Drive the execution of prioritized PLM work

  • Partner with the IRM Education team to identify gaps in the organization's knowledge of security policies and practices; develop and execute a plan to close the gaps

Requirements

  • Proven track record in the Security domain for commercial software products
  • 15 + years' progressive experiences in a large, global, matrixed organization
  • Demonstrated ability to influence without authority
  • Proven cross-functional collaborator with strong interpersonal and communications skills
  • Well-honed writing and documentation skills, evidenced by the creation of clear requirements documents, roadmaps and presentations
  • Ability to build deep business acumen and institutional and organizational knowledge quickly
  • Previous experiences presenting to and negotiating with executives
  • ISC2 certifications desired 
  • Experience in the HIT and/or health services industries preferred


Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make health care work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.SM
 


 


Diversity creates a healthier atmosphere: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.


   


UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.