IT Security Policy Analyst - Golden Valley, MN or Telecommute - Full-time / Part-time

This role will serve as a Policy Analyst within the Information Risk Management (IRM) Policy Management organization.  Under the direction of the Policy Management Manager, this role will be responsible for coordinating the review and approval of changes to Security Policy, Standards, and other guidance documents, as well as publishing the final documents. Additionally, the Policy Analyst will monitor and respond to routine requests for clarifications and interpretations of security guidance requirements, in coordination with IT and Security Subject Matter Experts. This role is expected to be fully knowledgeable on both the content of security guidance documents and the processes for maintaining those documents.

Primary Responsibilities:

• Consolidate requests for changes to security policies and standards into a single consolidated set of changes


• Coordinate the review and approval for proposed changes by Subject Matter Experts and senior management


• Assist in the review of relevant security risk and threat information against current security requirements, to identify requirements which may require updating


• Maintain in-depth understanding of UnitedHealth Group security policy and standards requirements, and be able to help interpret and apply them for different scenarios


• Respond to routine questions concerning policy and standards guidance


• Maintain accurate records of security guidance review activities and approvals


• Maintain metrics data on policy management processes

Competencies and Best Practice for High Performers:

• Exhibits strong customer and continuous improvement focus


• Demonstrated ability to reliably and accurately execute assigned tasks, with minimal oversight


• Excellent oral and written communications skills, with demonstrated ability to effectively communicate with IT and business technicians and senior management


• General understanding of the health care industry and Information Technology


• Hands-on experience and knowledge of topics within the Information Security discipline


• Pays attention to the details in all work products, and maintain accurate records of approval and status information


• Ability to successfully support multiple competing and conflicting activities 

Required Qualifications:

• Bachelor's degree or equivalent


• Familiarity with at least one information security framework (ISO, NIST, HITRUST, etc.)


• Experience in the Information Security field

• Familiarity with Risk Management processes and techniques


• Experience with the development and writing of security policies and standards


• Experience with multiple information security frameworks (ISO, NIST, HITRUST, etc.)


• CISSP/CISM, or equivalent professional security certification


• Health care experience


• Pharmacy Benefit Management or Clinical experience


• Graduate Degree


• Experience developing security policies and standards for International environments


• Experience with use of Archer eGRC tool

 
Diversity creates a healthier atmosphere: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.
 
UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

Job keywords: IT, Security Policy, Security Policies, Analyst, Risk Management, Golden Valley, MN, Minnesota, Telecommute, Telecommuter, work from home, remote