Sr. Info Security Risk Analyst (IT Compliance/Audit)

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.

Primary Responsibilities

• Ensure third-party supplier's compliance to business requirements – business agreement, policies, procedures, and regulations
• .Lead third-party supplier security risk assessment and remediation activities
• .Research, understand and analyze information security risks applicable to a supplier
• .Conduct discovery call and perform risk-based assessment
• .Review evidence and supporting documentations from the supplier
• .Communicate identified security gaps, provide recommendations, and monitor/track progress until its completion
• .Collaborate with internal stakeholders and management for any process deviations, delays, or escalations
• .Oversee and supervise assigned analyst’s work to ensure risk assessment and remediation activities are carried out effectively and efficiently
• .Perform reviews of risk assessment documentation and remediation completion
• .Attend and observe risk assessment and remediation meetings
• .Provide support, guidance and assistance to any inquiries, concerns, or challenges
• .Track completion and ensure that SLA is met
• .Assist with the execution of the Information Risk Governance program
• .Participate in solving complex problems, address issues and challenges
• .Develop or support solutions for process improvement
• .Contribute to training program implementation
• .Lead or participates on special projects

.

What skills/attributes are a must ha

• ve:5+ years of experience in IT or IS compliance/audit, ISO 27001, HIPAA, SOX, PCI, GLBA, NIST, HITRUST), ITIL, Third Party / Supplier Risk Management, ITGC Contr
• ols3+ years of understanding of different security products (MFA, encryption, threat & vulnerability, antivirus, network protection, etc
• .).3+ years working experience with various compliance frameworks and regulations like HITRUST, ISO 27001, SOC 2 Type II, PCI DSS, NIST, e
• tc.Strong communication (listening, verbal, written) and presentation skil
• ls.Advance level experience in MS Office 3
• 65.Ability to develop effective relationships with team members, suppliers, and internal stakeholde

rs.


Preferred Skills / exper

• ience:
  Certifications: Sec+, CISA, CRISC, CISM, ISO 27001 Lead Auditor,

ISC2 CC
Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make the health system work better for everyone. So, when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care must go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's be

st work.#