Sr Information Security Lead - Optum Tech - Remote

UnitedHealth Group-posted 3 months ago
$89,900 - $160,600/Yr
Full-time • Senior
Remote • Burr Ridge, IL
5,001-10,000 employees
Insurance Carriers and Related Activities
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Explore opportunities with PharmScript, part of the Optum family of businesses. PharmScript is one of the nation's leading pharmacies, partnering with long-term and post-acute care facilities to supply medications to thousands of residents and patients. Be part of our team that's dedicated to delivering safe, accurate and timely medication to those who need it most. PharmScript is a place where you can thrive and contribute. Join us to start Caring. Connecting. Growing together. Following our acquisition by Genoa Healthcare (an Optum Rx company) in 2024, PharmScript is accelerating its cybersecurity transformation. As we align with the Optum Enterprise Security & Resiliency Office (ESRO), we are expanding our security engineering capabilities to support both PharmScript-specific needs and the broader enterprise security initiatives. This Senior Information Security Engineer will report directly to the CISO of PharmScript and act as a key security leader supporting the ongoing integration of PharmScript's security operations into Optum's enterprise-aligned model. This critical role will serve as the CISO's technical deputy - responsible for the design, implementation, and oversight of core security functions including cloud security, incident response, vulnerability management, and identity & access management in a highly regulated healthcare-pharmacy environment (HIPAA, NIST, MARS-E). You will work closely with security, IT, and business leaders across PharmScript, Genoa, and Optum to advance our security maturity while helping embed scalable enterprise security practices that align with ESRO's mission to protect the organization, its data, and its people. You'll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges.

  • Own the technical roadmap for Microsoft Azure and Microsoft 365 security controls (Defender, Sentinel, Purview), SaaS SSO integrations (Entra ID, Cisco DUO MFA), and segmentation of our OneHealthCareID (OHID) customer portal
  • Evaluate and implement tooling for vulnerability scanning, container/cloud posture management, and secrets management
  • Partner with Development (CI/CD in Azure DevOps) to embed security into pipelines (SAST, DAST, IaC)
  • Champion infrastructure as code and automation using Python and PowerShell
  • Serve as tactical leader for the Security Operations Center, ensuring high fidelity alert triage, threat hunting, and purple team exercises
  • Build and refine detection engineering for cloud and on-prem environments, with an emphasis on Microsoft 365 threat vectors (Business Email Compromise, identity takeover)
  • Coordinate tabletop exercises with the PharmScript leadership, Business Operations and the IT organization
  • Direct the corporate vulnerability management program end to end: discovery, prioritization, remediation, and executive reporting
  • Drive timely remediation SLAs across infrastructure, applications, and third party components; track progress through metrics dashboards
  • Lead annual NIST 800-53 / HIPAA risk assessment and drive POAM remediation to closure
  • Maintain policy exceptions, risk records, and metrics dashboards for C-suite and Optum ESRO reporting
  • Serve as audit liaison for SOC 2, HITRUST, and customer assessments
  • Standardize role-based access across Azure, on-prem AD, and SaaS applications; champion privileged-access workflows
  • Oversee federation and MFA strategy for internal staff and external pharmacy customers
  • Act as technical lead for escalated incidents; refine playbooks for ransomware, ePHI exposure, and third-party compromise
  • Coordinate tabletop exercises with Genoa SOC and Optum Cyber Defense
  • Mentor Security Engineers and SOC team members
  • Translate complex risk into business language for pharmacy operations, legal, and finance stakeholders
  • Manage security budget line items and vendor relationships
  • Bachelor's degree in an IT related discipline or equivalent experience
  • 3+ years of business experience in technology and/or technology/security audit
  • 3+ years of experience with securing public cloud platforms (AWS, Azure, GCP)
  • 1+ years of experience interacting with an executive audience
  • 1+ years of experience with practical interpretation and application of policy and standards
  • Experience presenting risk and remediation strategy to VP/C level leaders
  • Working knowledge of HIPAA Security Rule, NIST 800 53, and privacy principles
  • Security certifications (CISSP, CCSP, Azure Security Engineer, HCISPP)
  • Experience integrating with large to enterprise security programs
  • Prior leadership of a small security engineering or GRC team
  • Customer-facing leadership experience (e.g., support or client services)
  • Hands on expertise securing Microsoft Azure and Microsoft 365 (IAM, networking, Defender, Sentinel, Purview)
  • Proficiency in Python and PowerShell scripting for security automation, tooling and integration
  • Proven track record running enterprise vulnerability management and remediation programs
  • Comprehensive benefits package
  • Incentive and recognition programs
  • Equity stock purchase
  • 401k contribution
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service