Sr Director, Product Cyber Incident Response Team (PCIRT) - Remote

Optum Tech is a global leader in health care innovation. Our teams develop cutting-edge solutions that help people live healthier lives and help make the health system work better for everyone. From advanced data analytics and AI to cybersecurity, we use innovative approaches to solve some of health care's most complex challenges. Your contributions here have the potential to change lives. Ready to build the next breakthrough? Join us to start Caring. Connecting. Growing together.

The Director of PCIRT leads the enterprise's response to product-related cybersecurity incidents across the software development lifecycle. This role is accountable for building and operationalising a high-performing team that proactively detects, investigates, and mitigates threats to product integrity, supply chain security, and customer trust. The Director will define the strategic vision for PCIRT, drive cross-functional alignment, and ensure readiness to respond to emerging threats in real time.

You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges.For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

Primary Responsibilities:

• Incident Response Leadership
  • Lead the response to product-related cyber incidents, including codebase compromise, supply chain vulnerabilities (e.g. NPM, GitHub), and third-party dependency risks
  • Oversee the lifecycle of incident management: detection, triage, containment, eradication, recovery, and post-incident review
• Strategic Planning & Governance
  • Define the PCIRT North Star and roadmap, including quarterly milestones and key results aligned with business outcomes
  • Develop and maintain incident response playbooks, escalation protocols, and tooling strategies tailored to product environments
• Threat Intelligence & Detection
  • Integrate threat intelligence into product pipelines to proactively identify risks
  • Collaborate with engineering teams to embed security controls (e.g. secrets scanning, firewall rules, build runner protections) into CI/CD workflows
• Cross-Functional Collaboration
  • Partner with Product Management, Engineering, Legal, and Cloud Infrastructure teams to ensure coordinated response and remediation
  • Serve as the connective tissue between ESRO, ETIPS, and business units for secure product delivery
• Reporting & Communication
  • Provide executive-level briefings on incident status, impact, and remediation
  • Maintain documentation for audit, compliance, and continuous improvement
• Team Development & Culture
  • Build and lead a multidisciplinary team of responders, analysts, and engineers
  • Foster a culture of operational excellence, continuous learning, and proactive risk management

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• Dual-Track Technical Tenure: 10+ years of combined experience in Software and Security engineering. They must understand how code is built and shipped (entire SDLC) at scale to effectively tell developers how to fix it
• Architectural Risk Assessment: 10+ years of experience performing Threat Modeling and deep-dive code reviews across diverse stacks (e.g., Cloud-native/K8s, embedded systems, or SaaS) to identify systemic supply chain weaknesses
• SDLC Governance at Scale: 10+ years of experience implementing and maturing Secure Development Lifecycles (SDL), ensuring security checkpoints-like SBOM generation and SCA scanning-are automated into the CI/CD pipeline
• Incident Response Leadership: Experience in managing high-stakes security incidents, with 5+ years specifically focused on Product Security (PSIRT) rather than just internal IT/Corporate security
• Vulnerability Lifecycle Management: 5+ years of experience overseeing the full lifecycle of CVE (Common Vulnerabilities and Exposures) assignments, from initial researcher report through coordinated disclosure and patch verification

Preferred Qualifications:

• CISSP, GIAC (GREM, GCFA), or equivalent
• Product security or cloud certifications (e.g. AWS Security, GCP Professional Security Engineer)

*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy.

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $159,300 to $273,200 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.