Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

Primary Responsibilities:

• As Part of Information Security team at Optum Health & Technology candidate is responsible for ensuring the effectiveness of ISO 27001 controls through periodic risk assessment (Internal), internal & External Audits
• Aspired candidate manages and coordinates audit engagements across multiple domains, including ISO 27001 Certification audits, HITRUST Audits, Physical & Technical Audits, Vulnerability Management
• To maintaining compliance, identifying, and mitigating risks
• To strengthen the organization’s overall security posture through proactive governance and continuous improvement
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

• Any bachelor’s degree
• 2+ years of hands-on experience in managing security audits and driving compliance across global standards, including ISO 27001:2022, HIPAA, and SOC
• The ideal candidate should bring solid technical and process-oriented knowledge in information security, risk management, and vulnerability management
• Practical experience in conducting audits, facilitating risk assessments, implementing controls, and working closely with cross-functional teams to ensure the organization’s security posture aligns with regulatory and business objectives

Preferred Qualifications:

• Relevant certifications such as ISO 27001 Lead Auditor, CISA, or CEH
• Relevant experience on SAST, DAST
• Experience in vulnerability assessments

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone – of every race, gender, sexuality, age, location and income – deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.

#NJP