[Owasp-twincities] Request to share job posting with list members - Technology Security Advisor - UnitedHealth Group

Oliver, Janet janet_oliver at uhg.com
Wed Sep 2 14:52:09 UTC 2015

Good morning!  Could you please share this opportunity with your list members?  Thank you for your consideration!

Janet Oliver | IT Sourcing Manager
UNITEDHEALTH GROUP | Talent Acquisition
E: janet_oliver at uhg.com<mailto:janet_oliver at uhg.com> | D: 860.702.8054
What makes you special can inspire your life's best work.SM
Connect with us via:     [Description: C:\Users\htheede\Desktop\linkedin-logo2.jpg] <http://www.linkedin.com/groups?gid=2568369&trk=myg_ugrp_ovr>   [Description: C:\Users\htheede\Desktop\facebook_icon.jpg] <http://www.facebook.com/uhgcareers>   [Description: C:\Users\htheede\Desktop\twitter_icon.jpg] <https://twitter.com/uhgcareers>   [Description: C:\Users\htheede\Desktop\youtube-icon.jpg] <http://www.youtube.com/uhgcareers>   [Description: C:\Users\htheede\Desktop\google plus.png] <https://plus.google.com/115061441532766250771#115061441532766250771/posts>   [Description: C:\Users\htheede\Desktop\Pintrest.png] <http://pinterest.com/uhgcareers/>   [Description: C:\Users\htheede\Desktop\wordpress.png] <http://www.healthyatuhg.com/>
Careers Website<http://careers.unitedhealthgroup.com/?utm_source=outlook&utm_medium=email&utm_campaign=branding&utm_term=&utm_content=na_na_na_na> | Mobile Careers Website<http://www.workatuhg.com/?utm_source=outlook&utm_medium=email&utm_campaign=branding&utm_term=&utm_content=na_na_na_na> | Network with Us<http://careers.unitedhealthgroup.com/Network-With-Us.aspx?utm_source=outlook&utm_medium=email&utm_campaign=branding&utm_term=&utm_content=na_na_na_na>

Technology Security Advisor
UnitedHealth Group - Eden Prairie, MN

Security is a market differentiator and critical business function and our customers are demanding excellence. An effective security program is driven from all areas of the business and technology. In this newly created Technology Security Advisor role, you will work in partnership with the Information Risk Management (IRM) Business Office Leader and the IRM Operations Leader to develop clear objectives, metrics and execution plans and deliver in accordance with the plans. You will share accountability with IRM to centralize security initiatives within the company, formalizing them as part of our common security strategy. As part of our commercial software delivery organization, you will develop and communicate security requirements to all involved stakeholders.

Specific responsibilities will include the following:
*  Represent the needs of our commercial software organization to IRM and ensure they provide appropriate solutions
*  Create a roadmap of security requirements that is aligned to our go-to-market strategy
*  Ensure incorporation of leading edge security capabilities into our product portfolio
*  Partner with IRM and the business operators to develop composite metrics and approved risk scores aligned to the business objectives for the segment
*  Work with the Product Lifecycle Management (PLM) team to develop and execute communication plan for Business and IT leaders regarding PLM
*  Develop a financial plan to account for PLM; communicate this plan to IT and Business leaders; ensure that prioritized PLM activities are fully funded and scheduled (5-year plan)
*  Drive the remediation of the prioritized list of application vulnerabilities according to the timing requirements specified by IRM policy (if applicable)
*  Provide feedback to IRM to drive efficiency and clarity so that processes and communications can be improved
*  Partner with the IRM Communications team (Safe With Me) to communicate the importance and relevance of current events and changes to IRM policies within their respective organizations
*  Partner with the Common Security Framework (CSF) team to assist with the development of the CSF maturity assessments and objectives
*  Serve as the single point of contact for IRM into their respective organization to manage industry events, security process changes and incidents as appropriate
*  Serve as the single point of contact for IRM into their respective organizations for audit and compliance issues
*  Integrate Security into the technology development  and M&A strategies; focus on getting that security ownership into the business, into those key critical applications that really run the business that are outside the infrastructure and core
*  Security education by commodity vertical - decompose the organization to create security education relevant to the business function. This means going from a one size fits all approach to tailored security education program customized to that unique business line - Finance, Clinical, Payer, Provider, etc.
*  Partner with IRM team to increase the IRM business acumen
*  Partner with the Office of the CIO team to ensure that funding is available as needed for vulnerability remediation and that the remediation work is scheduled into releases to meet the timing
*  Develop and execute a plan to reduce application vulnerabilities by understanding root cause and eliminating common cause (Note: IRM resources will partner with the TSL to provide root cause analysis assistance, training, education and support)
*  Own the monthly report for vulnerability remediation, tracking and progress toward elimination of vulnerabilities
*  Drive the execution of prioritized PLM work
*  Partner with the IRM Education team to identify gaps in the organization's knowledge of security policies and practices; develop and execute a plan to close the gaps

*  Proven track record in the Security domain for commercial software products
*  15 + years' progressive experiences in a large, global, matrixed organization
*  Demonstrated ability to influence without authority
*  Proven cross-functional collaborator with strong interpersonal and communications skills
*  Well-honed writing and documentation skills, evidenced by the creation of clear requirements documents, roadmaps and presentations
*  Ability to build deep business acumen and institutional and organizational knowledge quickly
*  Previous experiences presenting to and negotiating with executives
*  ISC2 certifications desired
*  Experience in the HIT and/or health services industries preferred

Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make health care work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.SM

Diversity creates a healthier atmosphere: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

Apply directly by selecting this link!

This e-mail, including attachments, may include confidential and/or
proprietary information, and may be used only by the person or entity
to which it is addressed. If the reader of this e-mail is not the intended
recipient or his or her authorized agent, the reader is hereby notified
that any dissemination, distribution or copying of this e-mail is
prohibited. If you have received this e-mail in error, please notify the
sender by replying to this message and delete this e-mail immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 833 bytes
Desc: image001.jpg
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0004.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 831 bytes
Desc: image002.jpg
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0005.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 810 bytes
Desc: image003.jpg
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0006.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 891 bytes
Desc: image004.jpg
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0007.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 1198 bytes
Desc: image005.png
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 1190 bytes
Desc: image006.png
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 1433 bytes
Desc: image007.png
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20150902/1d223f63/attachment-0005.png>

More information about the Owasp-twincities mailing list