Senior Information Security Engineering Consultant

Posted Yesterday
Be an Early Applicant
Hiring Remotely in City of Muntinlupa, Rizal, Calabarzon, PHL
Remote
Senior level
Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
The Role
Lead vendor security risk assessments and third-party risk management for healthcare solutions. Develop and maintain GRC frameworks, evaluate controls against HIPAA/HITRUST/NIST 800-53, recommend mitigations, perform control testing, and produce executive reports. Partner with stakeholders to implement vendor risk programs, monitor remediation, and ensure regulatory compliance.
Summary Generated by Built In
Requisition Number: 2364586
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
This role is responsible for conducting security risk assessments of vendor-provided solutions within a healthcare environment, focusing on the protection of sensitive health information and organizational systems. This role evaluates vendor controls against frameworks such as NIST SP 800-53 and ensures alignment with HIPAA security requirements, identifying gaps and recommending mitigation strategies. The analyst leverages knowledge of U.S. healthcare technologies (e.g., EHR systems, medical devices) and associated cybersecurity risks to support informed, risk-based decision making.
Primary Responsibilities:
  • Governance, Risk & Compliance (GRC):
    • Develop and maintain GRC frameworks aligned with organizational goals and regulatory requirements
    • Perform third party risk assessments with an emphasis on solution-specific assessments, requiring a knowledge of US-based healthcare information technology
    • Ensure compliance with regulatory requirements for our clients
    • Monitor information security risks and drive remediation of policy exceptions
    • Conduct control testing to evaluate maturity and eAectiveness of security controls (HIPAA/HITRUST/NIST 800-53)
    • Work with business stakeholders on defining risk thresholds, implementing risk frameworks, and remediate identified gaps
    • Stay current on regulatory changes, security trends, and compliance requirements
    • Create executive summary /reporting for executives
    • Serves as POC (Point of Contact) in lead's absence
  • Third-Party Risk Management (TPRM):
    • Establish a baseline of vendor risk and identify areas of potential exposure
    • Design and implement a consistent Vendor Risk Management (VRM) program with an emphasis on vendor solutions, aligned with internal policy and regulatory requirements
    • Conduct pre-contract due diligence and ongoing vendor solution risk assessments
    • Develop mitigation plans and partner with internal stakeholders to monitor vendors post-contract
    • Provide guidance to business units and sourcing teams on VRM requirements
    • Maintain structured governance for vendor risk and procurement compliance
    • Continually reassess operational risks and emerging threats related to vendors and vendor supplied solutions
    • Create executive summaries with recommendations for remediation and risk disposition
    • Track key vendor related metrics
  • Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:
  • Bachelor's degree in information security, Risk Management, or related field (or equivalent experience)
  • 5+ years of experience in Governance, Risk & Compliance and/or Third-Party Risk Management
  • Solid understanding of risk management frameworks (HIPAA, HITRUST, NIST 800 53) and regulatory requirements
  • Proficiency in GRC platforms and vendor risk management tools
  • Proven excellent analytical skills with ability to interpret large datasets and create actionable reports
  • Demonstrated solid verbal and written communication skills; ability to present recommendations to senior leadership
  • Demonstrated ability to work independently and manage complex, less-structured issues

Preferred Qualifications:
  • Experience in developing risk frameworks and dashboards
  • Familiarity with healthcare technologies such HER systems, biomedical devices, SaaS, etc.
  • Familiarity with procurement processes and vendor governance
  • Exposure to federal/state regulatory compliance requirements
  • Demonstrated ability to act as a point of contact and lead in absence of senior leadership

Key Competencies:
  • Risk Analysis & Assessment
  • Vendor Risk Management
  • Regulatory Compliance
  • Process Improvement
  • Stakeholder Communication
  • Problem Solving & Decision Making

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.

Skills Required

  • Bachelor's degree in information security, Risk Management, or related field (or equivalent experience)
  • 5+ years of experience in Governance, Risk & Compliance and/or Third-Party Risk Management
  • Solid understanding of risk management frameworks (HIPAA, HITRUST, NIST 800-53) and regulatory requirements
  • Proficiency in GRC platforms and vendor risk management tools
  • Proven analytical skills with ability to interpret large datasets and create actionable reports
  • Demonstrated solid verbal and written communication skills; ability to present recommendations to senior leadership
  • Demonstrated ability to work independently and manage complex, less-structured issues
  • Experience in developing risk frameworks and dashboards
  • Familiarity with healthcare technologies such as EHR systems, biomedical devices, SaaS
  • Familiarity with procurement processes and vendor governance
  • Exposure to federal/state regulatory compliance requirements
  • Ability to act as point of contact and lead in absence of senior leadership

What the Team is Saying

Optum Compensation & Benefits Highlights

  • Leave & Time Off Breadth PTO accrues each pay period with eight paid U.S. holidays plus a floating holiday, and generous time away is consistently emphasized. This breadth supports planned and unplanned time off beyond standard vacation days.
  • Parental & Family Support Six weeks of paid parental leave, up to two weeks of paid caregiver leave, Bright Horizons back‑up care, and adoption assistance signal strong family-oriented support. EAP access with counseling sessions further extends help to employees and their households.
  • Wellbeing & Lifestyle Benefits Company‑paid short‑ and long‑term disability, Calm app membership, tuition reimbursement, commuter and FSA accounts, and broad employee discounts expand everyday wellbeing resources. Free or low‑cost virtual visits complement these lifestyle supports.

Optum Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Eden Prairie, MN
160,000 Employees
Year Founded: 2011

What We Do

Optum, part of the UnitedHealth Group family of businesses, is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. At Optum, we support your well-being with an understanding team, extensive benefits and rewarding opportunities. By joining us, you’ll have the resources to drive system transformation while we help you take care of your future. We recognize the power of connection to drive change, improve efficiency and make a difference in health care. Join a team where your skills and ideas can make an impact and where collaboration is key to creating technology that produces healthier outcomes.

Gallery

Gallery
Gallery
Gallery

Optum Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Optum has three workplace models that balance the needs of the business and the responsibilities of each role. These models, core on‑site (5 days/week), hybrid (4 days/week) and telecommute or fully remote, vary by country, role and location.

Typical time on-site: Not Specified
HQEden Prairie, MN
Metro Manila, Philippines
Cebu, Philippines
Davao, Philippines
Ann Arbor, MI
Atlanta, GA
Baltimore, MD
Bengaluru, India
Chennai, India
Dallas, TX
Detroit, MI
Dublin, Ireland
Hartford, CT
Houston, TX
Hyderabad, India
Jacksonville, FL
Las Vegas, NV
Letterkenny, Ireland
Louisville, KY
Madison, WI
Minneapolis, MN
Nashville, TN
New Delhi, India
Philadelphia, PA
Phoenix, AZ
Pune, India
Raleigh, NC
San Diego, CA
Washington, DC
Learn more

Similar Jobs

Optum Logo Optum

Consultant

Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
Remote
City of Muntinlupa, Rizal, Calabarzon, PHL
160000 Employees

Optum Logo Optum

Security Engineer

Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
Remote
City of Muntinlupa, Rizal, Calabarzon, PHL
160000 Employees

Optum Logo Optum

HR Intern - People Team

Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
Remote
City of Muntinlupa, Rizal, Calabarzon, PHL
160000 Employees

Optum Logo Optum

Medical Allied Graduates - BPO Experienced - Muntinlupa

Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
Remote
City of Muntinlupa, Rizal, Calabarzon, PHL
160000 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account