Principal Information Security Risk Engineer - Remote

UnitedHealth Group is a health care and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of two distinct and complementary businesses, UnitedHealthcare and Optum, working to build a better health system for all. Here, your contributions matter as they will help transform health care for years to come. Make an impact with a diverse team that shares your passion for helping others. Join us to start Caring. Connecting. Growing together.

The M&A security team has a new requirement to enhance the AE (Acquired Entity) cyber diligence process, pre-close evaluations, and overall AE security model.

You’ll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges.

Primary Responsibilities:

• Provide technical and functional guidance to enhance, minimize, and mitigate the technical and operations drivers of InfoSec risk within Acquired Entity space across all business segments
• Support the technical and business level assessment and review of areas of security risk
• Support and actively manage the risk portfolio of Acquired Entities
• Act as core resource for cyber diligence, pre-close evaluations and proactive development of the Acquired Entity security model enhancements
• Provide technical and policy guidance to Acquired Entities
• Support the Segment CIO and XISO/BISO structures in the development of and tactical enablement of Acquired Entity technology review processes
• Partner with segment stakeholders to support customer and regulatory audits of the Acquired Entity Information Security Program
• Significant level of communications (oral and written) to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios
• Maintains a deep understanding of the Acquired Entity business, their customers, and service-delivery models. This understanding includes strategic business initiatives and goals, key systems and key contacts within the business and IT
• Maintains current knowledge on information security topics and their applicability to UHG and its Acquired Entities

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 5+ years of information security experience in a large, highly regulated enterprise
• 5+ years of proven internal/external client relationship management skills with senior management on issues and key risks to the business (presentations, executive summaries, etc.)
• 5+ years of subject matter expert knowledge of the technology aspects of security
• 2+ years of experience working with Acquired Entities
• 5+ years of risk management experience to include identification, prioritization and mitigation of information security risks
• Legally authorized to work in the US without any restrictions. Proof will be required

Preferred Qualifications:

• Bachelor’s degree in Information Technology
• Technical security certification (CISSP/CISM)
• Experience with multiple information security frameworks (ISO, NIST, HITRUST, etc.)

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy

The salary range for this role is $106,800 to $194,200 annually based on full-time employment. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. UnitedHealth Group complies with all minimum wage laws as applicable. In addition to your salary, UnitedHealth Group offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you’ll find a far-reaching choice of benefits and incentives.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.