Director, Cybersecurity Executive Reporting- Remote or Hybrid from NM or DC

UnitedHealth Group•Eden Prairie, MN

12h•Hybrid

About The Position

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. We are seeking a Director to lead executive-level cybersecurity reporting for our Security Shield & Accelerator program across the company’s portfolio of Acquired Entities. This role operates at the intersection of cybersecurity, enterprise risk, and executive decision-making, providing clear, authoritative insights to C suite leaders and enterprise governance bodies. The Director will be accountable for how Security Shield progress, risk posture, and control maturity are communicated to senior leadership. This role requires exceptional judgment, the ability to influence at the highest levels of the organization, and deep experience operating in large, highly regulated, multi-entity environments typical of a Fortune 5 company. If you are located in NM or DC, you will have the flexibility to work remotely as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week. You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Requirements

10+ years of progressive experience in a cybersecurity and/or enterprise risk technology leadership role
6+ years of experience supporting M&A activity, post acquisition integration, or multi-entity security programs
Solid understanding of cybersecurity control frameworks (e.g., NIST, ISO 27001, CIS) and control maturity modeling
Proven success delivering executive- and board-level reporting in a large, complex enterprise
Proven exceptional executive presence with the ability to influence senior leaders through data and narrative
Demonstrated ability to operate strategically while maintaining credibility at the technical level
Demonstrated ability to thrive in fast-paced, dynamic, and high-pressure environments, adapting quickly to changing priorities and executive needs

Nice To Haves

Advanced degree (MBA, MS in Cybersecurity, or equivalent experience)
Experience in a Fortune 50 / Fortune 10 organization
Experience preparing materials for Boards, Board committees, or equivalent governance bodies
Experience with Agile, Lean, or Six Sigma methodologies, with the ability to apply structured process improvement practices to reporting, integration workflows, and cross-functional execution
Familiarity with enterprise reporting platforms (e.g., Power BI, Tableau, ServiceNow, GRC platforms)
Background in security program leadership, GRC, or enterprise risk management

Responsibilities

Executive & Board-Level Reporting
Own the enterprise narrative for Security Shield implementation across Acquired Entities
Deliver C suite–ready reporting to the CISO, CIO, CTO, CFO, CEO staff, and other senior executives
Prepare materials for executive forums, risk committees, board-adjacent readouts, and QBRs
Translate technical security implementation data into concise, outcome-focused insights for executive decision-making
Anticipate executive questions and proactively surface risk, trade-offs, and recommendations
Enterprise Security Shield & Accelerator Oversight
Establish and maintain standardized metrics, maturity models, and KPIs for Security Shield & Accelerator control implementation
Provide roll-up visibility across diverse acquired environments, highlighting trends, systemic risks, and executive action items
Ensure reporting aligns with enterprise security strategy, regulatory expectations, and risk tolerance
Partner with Security Architecture, Engineering, and GRC teams to validate data accuracy and credibility
Drive cross–workstream alignment for large-scale program initiatives by coordinating dependencies, sequencing, and integration points across multiple security, IT, and business teams
Ensure consistent communication and execution across workstreams, identifying and escalating cross-functional blockers that impact program timelines or executive commitments
Acquired Entity Security Integration Leadership
Serve as a senior security integration leader supporting acquisitions from close through steady-state operations
Define reporting standards and governance for acquired entity security integration
Advise corporate and acquired entity leadership on security priorities, sequencing, and risk-based decisions
Identify dependencies, resource constraints, and execution risks and elevate them appropriately
Strategic Stakeholder Leadership
Act as a trusted advisor to senior security and technology leaders across the enterprise
Drive alignment across Security, IT, Risk, Internal Audit, and M&A integration teams
Influence outcomes in a highly matrixed environment without direct authority
Represent Security Shield progress in enterprise planning, investment, and risk discussions
Reporting Transformation & Continuous Improvement
Mature executive reporting through automation, improved data quality, and advanced visualization
Define best practices for executive storytelling, risk framing, and portfolio-level reporting
Continuously improve how security outcomes are measured, communicated, and acted upon