Sr Information Security Risk Auditor (Government) - Telecommute

UnitedHealth Group

Eden Prairie Minnesota

United States

Government
(No Timezone Provided)

No other industry is changing as rapidly or as broadly as health care. But to us, change is invigorating. It gives us a chance to continue to innovate as we shape the future. As a Compliance Consultant with us, you will monitor changes to laws and regulations to ensure compliance with State and Federal mandates. It's an exhilarating pace where you can develop your career while you help to make the health system work better for everyone.
Primary Responsibilities:

  • Develop / translate / assess IT FISMA / NIST regulatory requirements from CMS and IRS into control requirements
  • Integrate multiple requirements into a common infrastructure assessment process
  • Assess application and infrastructure information systems with multiple common control environments against HITRUST, HIPAA, ISO 27001, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • Deep understanding of NIST Risk Management Framework
  • Design and execute assessment plans to meet project objectives and challenges
  • Identifies and resolves operational problems using defined processes, expertise and judgment
  • Demonstrate integrity and ethical behavior by complying with applicable laws, regulations and policies and requiring the same from others
  • Manage and ensure compliance with structures, processes, and technologies
  • Maintain knowledge of and leverage industry technologies and trends
  • Create assessment documentation and reports for communication to management

Required Qualifications:

  • 5 or more years of experience in leading / implementing IT controls
  • Previous experience in IT Security internal audit and external audit
  • Prior experience application and infrastructure for cloud information systems with multiple common control environments against HITRUST, HIPAA, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • If you need to enter a work site for any reason, you will be required to screen for symptoms using the ProtectWell mobile app, Interactive Voice Response (i.e., entering your symptoms via phone system) or a similar UnitedHealth Group-approved symptom screener. Employees must comply with any state and local masking orders. In addition, when in a UnitedHealth Group building, employees are expected to wear a mask in areas where physical distancing cannot be attained.

Preferred Qualifications:

  • Big 4 audit experience
  • Bachelor's degree
  • ISO 27001, CISSP, CISM, or CISA Certification
  • Previous experience with implementing CMS ARS, MARS-E, & HIPAA; IRS 1075; ISO 27001; and AICPA SOC2 control frameworks
  • Previous implementation experience with large government information technology projects with CMS Authorization To Operate (ATO)
  • Proficiency with GRC tool(s) utilized within the Government audit space.

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work. SM

*All Telecommuters will be required to adhere to UnitedHealth Group's Telecommuter Policy.

Colorado Residents Only: The salary range for Colorado residents is $79,700 to $142,600. Pay is based on several factors including but not limited to education, work experience, certifications, etc. As of the date of this posting, In addition to your salary, UHG offers the following benefits for this position, subject to applicable eligibility requirements: Health, dental, and vision plans; wellness program; flexible spending accounts; paid parking or public transportation costs; 401(k) retirement plan; employee stock purchase plan; life insurance, short-term disability insurance, and long-term disability insurance; business travel accident insurance; Employee Assistance Program; PTO; and employee-paid critical illness and accident insurance.


Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.


UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

Sr Information Security Risk Auditor (Government) - Telecommute

UnitedHealth Group

Eden Prairie Minnesota

United States

Government

(No Timezone Provided)

No other industry is changing as rapidly or as broadly as health care. But to us, change is invigorating. It gives us a chance to continue to innovate as we shape the future. As a Compliance Consultant with us, you will monitor changes to laws and regulations to ensure compliance with State and Federal mandates. It's an exhilarating pace where you can develop your career while you help to make the health system work better for everyone.
Primary Responsibilities:

  • Develop / translate / assess IT FISMA / NIST regulatory requirements from CMS and IRS into control requirements
  • Integrate multiple requirements into a common infrastructure assessment process
  • Assess application and infrastructure information systems with multiple common control environments against HITRUST, HIPAA, ISO 27001, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • Deep understanding of NIST Risk Management Framework
  • Design and execute assessment plans to meet project objectives and challenges
  • Identifies and resolves operational problems using defined processes, expertise and judgment
  • Demonstrate integrity and ethical behavior by complying with applicable laws, regulations and policies and requiring the same from others
  • Manage and ensure compliance with structures, processes, and technologies
  • Maintain knowledge of and leverage industry technologies and trends
  • Create assessment documentation and reports for communication to management

Required Qualifications:

  • 5 or more years of experience in leading / implementing IT controls
  • Previous experience in IT Security internal audit and external audit
  • Prior experience application and infrastructure for cloud information systems with multiple common control environments against HITRUST, HIPAA, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • If you need to enter a work site for any reason, you will be required to screen for symptoms using the ProtectWell mobile app, Interactive Voice Response (i.e., entering your symptoms via phone system) or a similar UnitedHealth Group-approved symptom screener. Employees must comply with any state and local masking orders. In addition, when in a UnitedHealth Group building, employees are expected to wear a mask in areas where physical distancing cannot be attained.

Preferred Qualifications:

  • Big 4 audit experience
  • Bachelor's degree
  • ISO 27001, CISSP, CISM, or CISA Certification
  • Previous experience with implementing CMS ARS, MARS-E, & HIPAA; IRS 1075; ISO 27001; and AICPA SOC2 control frameworks
  • Previous implementation experience with large government information technology projects with CMS Authorization To Operate (ATO)
  • Proficiency with GRC tool(s) utilized within the Government audit space.

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work. SM

*All Telecommuters will be required to adhere to UnitedHealth Group's Telecommuter Policy.

Colorado Residents Only: The salary range for Colorado residents is $79,700 to $142,600. Pay is based on several factors including but not limited to education, work experience, certifications, etc. As of the date of this posting, In addition to your salary, UHG offers the following benefits for this position, subject to applicable eligibility requirements: Health, dental, and vision plans; wellness program; flexible spending accounts; paid parking or public transportation costs; 401(k) retirement plan; employee stock purchase plan; life insurance, short-term disability insurance, and long-term disability insurance; business travel accident insurance; Employee Assistance Program; PTO; and employee-paid critical illness and accident insurance.


Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.


UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.