Senior Technology Project Manager

Requisition Number: 2366467
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
The Security Controls Analyst supports the Security Controls Program Manager by executing the design, implementation, monitoring, and continuous improvement of enterprise security controls. This role helps operationalize secure by design practices, reduces cyber risk, supports detection and response functions, and ensures controls meet regulatory and policy requirements. The ideal candidate is detail oriented, technically proficient, and committed to strengthening the organization's security posture at scale.
Primary Responsibilities:

• Support the Design & Implementation of Effective Security Controls
  • Assist in developing and refining security control requirements, configuration standards, and implementation patterns
  • Collaborate with engineering and architecture teams to integrate controls into systems, applications, and cloud environments
• Reduce the Likelihood and Impact of Cyber Threats
  • Perform control assessments, identify gaps, and recommend improvements
  • Conduct technical analysis of vulnerabilities, misconfigurations, and emerging threats as they relate to control effectiveness
• Enable Secure by Design Technology Delivery
  • Participate in security reviews, threat modeling, and design sessions to ensure security considerations are included early
  • Document secure-by-design guidance and help teams adopt approved controls and configurations
• Operationalize Security Controls at Scale
  • Help build automation, scripts, and repeatable processes that can be deployed while validating controls across the enterprise
  • Monitor telemetry and performance metrics to ensure controls remain functional, effective, and up to date
• Support Detection, Response, and Recovery
  • Ensure deployed controls produce accurate and actionable logging for security monitoring
  • Support incident response teams by validating control behavior during events and assisting in post-incident hardening
• Ensure Regulatory & Policy Alignment
  • Map controls to internal policies, regulatory requirements, and frameworks such as NIST, CIS, and ISO
  • Assist in gathering evidence for audits, compliance reviews, and internal risk assessments
• Continuously Improve Security Control Maturity
  • Maintain documentation, standards, diagrams, and process materials
  • Contribute to maturity assessments and help track KPIs, metrics, and remediation activities
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

• Undergraduate degree or equivalent experience
• 2+ years of experience in cybersecurity, security engineering, IT operations, or related technical fields
• Basic to intermediate knowledge of security control frameworks (NIST, CIS, ISO)
• Understanding of cloud security controls (Azure, AWS, or GCP)
• Proven solid analytical skills and attention to detail
• Proven ability to work collaboratively across multiple teams

Preferred Qualifications:

• Relevant certifications (Security+, GSEC, CCSK, etc.)
• Experience with automation or scripting (PowerShell, Python, etc.)
• Familiarity with SIEM tools, vulnerability management platforms, or cloud security posture management tools

Success Measures

• Accurate and timely execution of security control deployment and maintenance tasks
• Measurable improvements in control effectiveness and risk reduction
• High-quality documentation, evidence collection, and reporting
• Solid support for engineering, operations, and security teams

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.