Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.

The Enterprise Security Architect is the top technical role that understands, and has applied, a comprehensive method for implementing security processes, security policies, security systems, and security controls across an enterprise while aligning with the organizations core business objectives and goals.

Primary Responsibilities:

Provide expert level security architecture standards across all security domains and technology functions while consulting with business and IT projects to provide holistic security requirements Play a key role in defining the software and systems engineering lifecycle and providing requirements to project teams (authentication mechanisms, proper data storage, etc.) Provide architectural direction for modern cloud based solutions Develop architecture documents/standards and pattern artifacts to security advisement teams consulting in enterprise projects Influence key leaders in the organization on security principles that may be controversial and difficult to implement in order to protect customers and company data  Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

10 - 12 years of related Network, Application, System, Storage, and Security Architecture experience Experience in designing, architecting, and implementing complex enterprise applications, infrastructures, platforms and systems Experience with architecting and designing security infrastructures Experience with security review of cloud solution architecture in Azure, AWS or GCP Experience with internal audit techniques and implementing appropriate technical controls Experience with Amazon AWS, Azure, GCP and other cloud hosting solutions Expert knowledge of modern network security technologies such as network forensics, sandboxing, threat intelligence, network and host-based intrusion prevention, vulnerability assessment (including app/web-layer interrogation), DDOS protection, Security Information Management, host-based integrity checking, end point security, AV, DLP, PKI, Mobile Security, Cloud Security etc. Knowledge and experience with securing virtualized platforms Knowledge of HIPAA, PCI-DSS, ISO 2700X and proper application of the Security and Privacy Rules. Preferred knowledge of the HITRUST Common Security Framework and NIST 800-53 Practical knowledge relative to the implementation, use and risk mitigation/management concerns for cloud-based services Highly knowledgeable of network and system security principles such as defense in depth, granularity of privilege, etc. and how they are applied in the standard data center and cloud world An in-depth understanding of software development methodologies and the security controls needed to support Secure SDLC principles Understanding of how to design security devices, networks, applications and systems compliant with the requirements of a desired security posture or state Understanding of intrinsic security weaknesses within core infrastructure components such as TCP/IP, VPN, file transfer, applications, storage, cloud, databases and remote administration protocols Pragmatic understanding of security problems as a mix of technology and process issues with the ability to pursue solutions at all layers within the organization Proven excellent written and verbal communication skills with solid relationship building skills Proven to provide leadership, mentorship and advisory services to infosec, business, and project teams to ensure that solutions are in line with the architecture direction and business strategies Proven to provide technical guidance and mentoring to engineers, designers and developers Proven to be highly collaborative -- work across the company to drive adoption of technical standards, design principles and architecture patterns in support of infosec strategic and tactical objectives Proven to be persuasive in influencing strategic architecture direction, framing reference architectures, specifying policies and standards, drive consensus on target state architectures, and influence roadmaps Proven to be skilled in applying strategic architecture direction to project delivery using standard engagement methods Demonstrated solid business acumen and a commitment to integrity, process improvement and customer satisfaction Demonstrated ability to perform a risk-based approach to securing applications, databases or infrastructure based upon IT and business needs

 #LETSGROW At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.