Role Description Trust In SODA is seeking an experienced Principal Security Engineer to join our dynamic team in a fully remote capacity. This pivotal role is essential in safeguarding our technological infrastructure and ensuring the integrity of our systems. As a Principal Security Engineer, you will lead the charge in identifying vulnerabilities, implementing robust security measures, and fostering a culture of security awareness across the organization. Your expertise will play a crucial role in maintaining the trust of our clients and stakeholders in an ever-evolving threat landscape. In this role, you will be responsible for: - Identifying vulnerabilities in technological infrastructure - Implementing robust security measures - Developing and executing security strategies - Conducting risk assessments - Ensuring compliance with industry standards - Collaborating with cross-functional teams - Integrating security best practices into software development - Providing guidance on security architecture - Fostering a culture of security awareness - Mentoring junior engineers Qualifications - Minimum of 7 years of experience in the technology sector - Relevant certifications such as CISSP or CISM Benefits - Work From Home - Training & Development - Stock Option Plan

Requisition Number: 2336851 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The Segment Information Security Officer (SISO) for OptumCare, Mid-America Region will work with technology teams to execute and sustain the security program and strategy. Candidate must be an innovative thinker and have a strong background in cyber security. Leveraging existing locally managed solutions and Optum solutions where applicable, this individual will lead the collective efforts including, but not limited to: - Vulnerability & exposure management - Information security monitoring, analysis, and response - Investigations and data forensics - Penetration testing - Security metrics and reporting - Effective leadership and solutioning skills - Competency with industry frameworks and regulations including NIST, HIPAA, ISO, etc. - Audit and assessment - Identity and Access Management - Contract reviews - Security reviews of applications, data, and infrastructure designs, including cloud and locally hosted solutions - Security review of network solutions including cloud architecture, firewalls, Regional Network Hub technology, data flows, voice, and video If you are located in MN or DC, you will have the flexibility to work remotely*, as well as work in the office as you take on some tough challenges. Primary Responsibilities: - Ensure compliance with industry, regulatory and contractual security requirements of all products, customers, and assigned areas - Provides analysis of and suggested solutions to complex Cyber Security issues, as well as complex conceptual analysis, building and maintaining key security and contract metrics - Lead programs that will minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization - Collaborates with leadership to initiate, facilitate, and promote activities to foster information security awareness within the organization - Lead a multi-organizational security team to foster growth and continued maturation of various security programs in the organization - Provides expertise/analysis for the management/implementation of budgets, forecasts, and resource planning strategies in support of client engagement - Provides direction and collaboration with other senior leadership, directors, managers, and stakeholders in the mitigation of risks within the IT Security infrastructure, Business Unit Solution as well as the overall organization - Creates a culture of physical and information security within the organization and drives behavioral changes for the business. Conducts, designs, and provides security training for staff. Initiates, facilitates, and promotes activities to foster information security awareness within the organization and related entities - Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to evaluate the risk in the context of the organization and to mitigate risk - Ensure that the risk management and access control needs of the organization are addressed - Travel up to 10% of the time You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: - 5+ years of information security/ technology/ engineering/ or operations experience - 3+ experience leading an information security team or program (manager or senior manager level) - 3+ years of experience translating business needs and priorities into applicable IT solutions and/or strategies - 3+ years of experience working with external auditors, regulatory bodies, and internal customers - 3+ years of experience reviewing IT and/or security related contracts - 3+ years of experience combining security requirements and business needs into applicable IT solutions and/or strategies - Experience with cyber security standards/organizations (such as SOX, HIPPA, PCI DSS, ITIL, NIST, COBIT, IETF, IEEE) - Hands-on knowledge of modern security domains: - Identity & access management - Cloud security (Azure, AWS, GCP) - Network and endpoint security - Data protection & privacy - Security incident response - Understanding of secure architecture principles for cloud, hybrid, and on-prem environments - Proven solid management presence with the ability to influence local and remote personnel at varying levels (including executives, physicians, and other non-technical business leaders) - Proven solid communicator with demonstrated collaboration, analytical, and critical thinking skills to achieve business goals, while balancing security and technology objectives Preferred Qualifications: - Advanced security certifications such as; Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Chief Information Security Officer (CCISO) - Network / security infrastructure / application / system vulnerability and/or threat management experience at the Engineer or Architect level - Proven ability to negotiate and influence cross-functional teams (IT, engineering, product, operations) - Proven solid relationship-building skills-trusted advisor mindset *All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700 to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.

• Establishment, further development, and structured preparation of our organization for an ISMS according to ISO/IEC 27001, as well as preparation for ISO 9001 certifications • Analysis, assessment, and implementation of regulatory requirements, particularly stemming from the NIS-2 Directive • Alignment with and, where applicable, implementation of measures according to BSI IT-Grundschutz • Establishment, further development, and assurance of the annual audit of our Internal Control System (IKS) by our external auditor in accordance with PS 951 Type 2 / ISAE 3402 • Maintenance and structuring of all compliance and security documentation in Confluence and Jira, including building traceable, audit-ready structures and workflows • Ongoing collaboration and advisory support with all teams to systematically capture and keep security- and compliance-related information up to date • Development, standardization, and optimization of processes in information security, compliance, and internal controls • Preparation, accompaniment, and support for internal and external audits, including risk analyses and tracking of remediation measures

• The Instructor provides an educational atmosphere where students have the opportunity to fulfill their potential for intellectual, emotional, physical, and psychological growth. • The Instructor organizes and implements an instructional program that results in students achieving academic success in accordance with FLVS and state policies and laws. • Plan, prepare, and implement instructional activities that contribute to a climate where students are actively engaged in meaningful learning experiences • Identify, select, create, and modify instructional resources to meet the needs of the students with varying backgrounds, learning styles, and special needs • Assist in assessing changing curricular needs and offer plans for improvement • Maintain effective and efficient record-keeping procedures • Provide a positive environment in which students are encouraged to be actively engaged in the learning process • Communicate with students, parents, and internal and external professionals within established timelines • Collaborate with peers to enhance the instructional environment for students by participating in activities which include, but are not limited to, team teaching, meetings, staff development, communities of practice, and various committees • Model professional and ethical standards when dealing with students, parents, peers, and community members • Ensure that student growth and achievement are continuous and appropriate for age group, subject area, and/or program classification • Establish and maintain cooperative working relationships with students, parents, schools, and colleagues measured by FLVS district/school survey results • Meet specific course and school-wide student performance goals • Demonstrate gains in student performance • Participate in research and presentations about online teaching; this may include activities such as, authoring articles, hosting workshops, sharing of information for professional growth, and student outreach events and activities • Participate in blended learning models, which include both online and classroom instruction and interaction with students at various schools and districts across the state; may be required to report to an assigned school • May be responsible for instructional tutoring • Meet professional obligations through efficient work habits such as, meeting deadlines, honoring schedules, coordinating resources and meetings in an effective and timely manner, and demonstrating respect for others