Be an Early Applicant
The Role
The role involves ensuring compliance with policies, remediating security risks, managing vendor risk, and providing guidance on security frameworks and policies.
Summary Generated by Built In
Requisition Number: 2365782
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
Primary Responsibilities:
Required Qualifications:
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
Primary Responsibilities:
- Ensure compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements
- Perform information security policies review based on industry best practice and framework gap
- Monitors information security risks and drives remediation of policy exceptions
- Establishes compliance with data privacy regulation
- Identify process and security gaps, recommend improvements, and assist to implement corrective action.
- Identify required process improvements to proactively address risks/vulnerabilities/threats
- Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents
- Establish a baseline of vendor risk, identify areas of potential exposure, develop and align vendor risk management strategies with Client's goals and objectives, and execute program ensuring consistency
- Support the design and implementation of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/State Regulatory requirements
- Maintain current knowledge on quality management and information security topics and their applicability program requirements
- Serves as POC (Point of Contact) in lead's absence
- Create executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
- Communicate professionally with stakeholders/end users through multiple communication
- Define risk thresholds, develop, and implement a risk framework, remediate identified gaps, governing the process
- Manage the process of granting and expiring exceptions to policies and control standards through the GRC platform
- Establish real-time actionable dashboards for Policies and Standard and Risk Management
- Monthly review of High and Critical risks with risk owners and executive leadership
- Establish an Executive dashboard to provide visibility into the goals and KPI's
- Perform control testing to evaluate the maturity and effectiveness of implemented security controls based on HITRUST/ NIST 800-53 revision 2 Framework.
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
Required Qualifications:
- 5 + years of technical experience in Information Security
- 5+ years GRC platform implementation and migration experience for different tool (such as NAVEX Service Now, LogicGate, Rsam, Perimeter)
- 5+ years IT Auditing skills and the ability to manage risk assessments / projects independently
- Experience with federal cyber security standards (such as NIST 800-53)
- Proven excellent communication skills both verbal and written
- Good presentation skills particularly ability to present technology elements in manner personnel can follow and act
- Good understanding of ISO27001 and Security Core Concepts
- Good understanding of Risk Register, risk acceptance and risk exceptions
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.
Skills Required
- 5+ years of technical experience in Information Security
- 5+ years GRC platform implementation and migration experience
- 5+ years IT Auditing skills
- Experience with federal cybersecurity standards
- Excellent verbal and written communication skills
- Good presentation skills
- Good understanding of ISO27001
- Good understanding of Risk Register
Optum Compensation & Benefits Highlights
-
Healthcare Strength — Health coverage offers multiple plan types with employer HSA contributions, in‑network preventive care at 100%, and included 24/7 virtual visits, alongside dental and vision options. This breadth allows predictable copay choices or tax‑advantaged HSA designs to fit different usage needs.
-
Retirement Support — Retirement programs include a 401(k) with employer match eligibility and full vesting over time plus an Employee Stock Purchase Plan at a discount. Together these elements support long‑term savings and ownership.
-
Parental & Family Support — Family supports include six weeks paid parental leave, paid caregiver leave, adoption assistance, and subsidized Bright Horizons back‑up care. Emotional well‑being resources like a premium Calm subscription and a 24/7 EAP complement these supports.
Optum Insights
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Optum, part of the UnitedHealth Group family of businesses, is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. At Optum, we support your well-being with an understanding team, extensive benefits and rewarding opportunities. By joining us, you’ll have the resources to drive system transformation while we help you take care of your future. We recognize the power of connection to drive change, improve efficiency and make a difference in health care. Join a team where your skills and ideas can make an impact and where collaboration is key to creating technology that produces healthier outcomes.
Gallery
Optum Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Optum has three workplace models that balance the needs of the business and the responsibilities of each role. These models, core on‑site (5 days/week), hybrid (4 days/week) and telecommute or fully remote, vary by country, role and location.
Typical time on-site:
Not Specified
