Specialist - Information Security

Pune, Maharashtra
Permanent
Full-time

17 days ago

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.Primary Responsibilities:

As Part of Information Security team at Optum Health & Technology candidate is responsible for ensuring the effectiveness of ISO 27001 controls through periodic risk assessment (Internal), internal & External Audits
Aspired candidate manages and coordinates audit engagements across multiple domains, including ISO 27001 Certification audits, HITRUST Audits, Physical & Technical Audits, Vulnerability Management
To maintaining compliance, identifying, and mitigating risks
To strengthen the organization’s overall security posture through proactive governance and continuous improvement
Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

EligibilityTo apply to an internal job, employees must meet the following criteria:

SG 24 & SG 25 can apply

SG 24 will move to SG 25
SG 25 will move laterally
Performance rating in the last common review cycle of "Meets Expectations" or higher
Not be on any active CAP (Corrective Action Plan) or active disciplinary action
Time in Role Guidelines:

Should have been in your current position for a minimum of 12 months, if you have not met the recommended minimum time in role, discuss your career interest with your manager and gain alignment prior to applying. And share the alignment email with respective recruiter while applying

Required Qualifications:

Any bachelor’s degree
2+ years of hands-on experience in managing security audits and driving compliance across global standards, including ISO 27001:2022, HIPAA, and SOC
The ideal candidate should bring solid technical and process-oriented knowledge in information security, risk management, and vulnerability management
Practical experience in conducting audits, facilitating risk assessments, implementing controls, and working closely with cross-functional teams to ensure the organization’s security posture aligns with regulatory and business objectives

Preferred Qualifications:

Relevant certifications such as ISO 27001 Lead Auditor, CISA, or CEH
Relevant experience on SAST, DAST
Experience in vulnerability assessments

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

UnitedHealth Group

Apply Now