Principal Application Security Engineer - Remote

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

The Principal Application Security Engineer is a key member of the Clinical Ecosystem Security (CES) team and collaborates with ESRO, IT organizations and business units to execute, sustain and enhance UHG's clinical technology security program. The successful candidate will lead a number of collective efforts including, but not limited to:

• Clinical application discovery & security assessments
• Policies and standards for medical application security
• C-SAR process optimization & improvements
• Clinical application security documentation and training materials
• Outreach to business and technical teams to promote awareness of UHG standards

You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

Primary Responsibilities:

• Lead the clinical application software assessment function of CES. Execute, sustain and enhance the assessment process and technical standards
• Ensure compliance with UHG standards and policy as well as industry best practice and alignment with regulatory and contractual security requirements
• Initiate, facilitate, and promote activities that facilitate better understanding of application security best practice and promote awareness of policy and process for internal customers
• Evaluate application security trends, evolving threats, risks and vulnerabilities in order to formulate security roadmaps and engage with ESRO leadership for policy and process enhancements
• Provides expertise/analysis for the management/implementation of technology and process changes as they relate to application risk
• Provides direction and collaboration with other senior leadership, directors, managers, and stakeholders in the mitigation of application security risks within the IT infrastructure and associated processes
• Facilitates, and promotes activities to foster information security awareness within the organization and related entities
• Travel up to 25% of the time

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 5+ years of experience in Information Security Risk Management
• 5+ years of working with application security
• Familiarity with OWASP recommendation and guidelines
• Proven solid communicator with ability to influence local and remote personnel at varying levels (including executive)
• Demonstrated collaboration, analytical, and problem-solving skills to achieve business goals, while balancing security and technology objectives
• Proven highest ethical standards and sense of propriety combined with a strong service orientation and mindset
• Proven solid expertise in cloud security, platforms, and services
• Proven ability to partner with businesses related to security and risk management within a clinical setting

Preferred Qualifications:

• Bachelor's degree in Computer Science, Business, related field or equivalent experience
• One of the following certifications:
• Certified Information Security Manager (CISM)
• Offensive Security Certified Professional (OSCP)
• Certified Information Systems Security Professional (CISSP)
• Healthcare Industry experience

*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $110,200 to $188,800 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.