Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Come make an impact on the communities we serve as we help advance health equity on a global scale. Here, you will find talented peers, comprehensive benefits, a culture guided by diversity and inclusion, career growth opportunities and your life's best work.(sm)
As a Senior Director in Enterprise Vulnerability Management (EVM), you will be a key member of the Enterprise Information Security, leading a team responsible for Vulnerability Management Operations (VMO). The successful candidate will be responsible for defining VM Operations requirements and will ensure governance of VMO leading to SLA based remediation of vulnerabilities. The successful candidate will exhibit the skills of an experienced leader, with a disciplined approach to process excellence. You will work within a group tasked with coordinating vulnerability management operations across cross functional teams to ensure that our technology landscape stay at the highest security level. In a dynamic rapidly growing organization, you will be required to be innovative and collaborative to be successful. Candidate must be comfortable working and communicating with executives and should be able to work with technology engineers.
This role must be held within commutable distances to one of our offices locations, you will have the flexibility to work remotely* as well as work in the office as you take on some tough challenges.
Program Management

• Communicate functional vision and establish aligned direction and goals; obtain and effectively allocate resources; create systems to measure results to sustain a comprehensive Vulnerability Management Operations Program
• Provide governance to the vulnerability management operations to ensure SLA based remediation of vulnerabilities across the enterprise
• Lead (directly/indirectly) a team of technical specialists who partner with UHG's Technology and business teams in releasing secure and compliant infrastructure, applications, and experiences at the speed of business
• Lead a team of robust individuals who perform security reviews and recommend security solutions to meet current and future needs for UHG technology landscape
• Drive the development and implementation of policies, standards, guidelines, standard security review processes that result in effective methods for detecting and remediating security risks before & after product releases
• Demonstrate an ability to influence all project and portfolio partners; communicate relevant security information to both executive leaders in an effective manner

Vulnerability Management

• Bring a deep background and broad experience in Information Security, Vulnerability Management, or related areas in Cyber Security
• Influence business technology groups to remediation security weaknesses as per defined enterprise policies
• Use Threat Modeling and integrating threat modeling practices into the product life cycle to proactively detect and prioritize threats for remediation
• Lead project budgets and scope and conduct resource planning for risks that are proactively identified
• Use experience with vulnerability scanning products across Application, Infrastructure & Cloud technology and help evolve the tool strategy in partnership with Security engineering

Stakeholder Management

• Ability to produce effective metrics reporting the state of Vulnerability Management Operations
• Consult stakeholder discussions at periodic intervals to ensure that stakeholders are updated about key VM initiatives
• Be a point of contact for liaison for external and internal stakeholders

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
Required Qualifications:

• 15+ years of mix of experience in Vulnerability Management or Information Security Risk Governance
• Experience with implementing successful and effective SDLC program with high level of automation
• Experience in performing architecture and source code reviews for security issues
• In-depth experience with common web application vulnerabilities, such as the OWASP Top 10, and business logic flaws; ability to explain all vulnerabilities and weaknesses and discuss effective defensive techniques
• Proven presentation and facilitation skills
• Solid knowledge of Agile practices, DevOps, DevSecOps, application build and deployment using automation [Jenkins / CICD tools]

Preferred Qualifications:

• In-depth understanding of competitor, financials, and industry dynamics
• Experience working successfully in a high matrix large corporate organization
• Ability to work collaboratively in a global team with a positive team spirit

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work.(sm)
*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.
UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
#DICE #EISecurity