• The Senior Application Security Consultant plays a strategic and hands‑on role in protecting PwC's global application ecosystem by embedding security throughout the Software Development Life Cycle (SDLC). • This professional operates beyond technical execution and advisory work, acting as a strategic security partner for application, cloud and platform teams—shaping architectural decisions, leading complex assessments and driving the continuous advancement of secure engineering practices. • The role is expected to work with a high level of autonomy, provide technical leadership, influence senior stakeholders, and contribute directly to the evolution of the global Application Security strategy, including standards, tools and organizational maturity. • Key responsibilities: • Act as a senior security consultant for development, cloud and platform teams, ensuring security by design • Lead security architecture assessments for complex, distributed and cloud‑native systems • Conduct secure design reviews, threat modeling and risk‑based decision making • Lead and execute Application Readiness Reviews (ARR) for critical applications and platforms • Define and promote global Application Security standards (NIS), including best practices and architectural patterns • Provide expert guidance on secure coding, vulnerability remediation and architectural risk trade‑offs • Perform advanced analysis of vulnerabilities reported by tools such as SAST, DAST, SCA, container scanners and cloud‑native security tooling • Partner with Risk Management and Business Information Security Officers to define mitigation and risk acceptance strategies • Influence engineering teams to adopt DevSecOps practices, security controls in CI/CD and automation • Contribute to the selection, evaluation and optimization of security tools and platforms • Mentor more junior professionals through technical reviews, coaching and feedback

• Support the design, implementation, and maintenance of secure cloud architectures in accordance with program and security requirements • Assist in the development, integration, and testing of security controls across cloud infrastructure, applications, and data environments • Conduct risk and vulnerability assessments and assist with developing mitigation strategies • Implement and maintain security configurations to ensure the confidentiality, integrity, and availability of systems • Support development and maintenance of security documentation including System Security Plans (SSPs), security control assessments, and contingency plans • Assist with system security engineering activities throughout the system lifecycle including requirements analysis, design validation, and security testing • Perform security scans and vulnerability assessments using approved tools and document findings and remediation recommendations • Support security compliance activities in accordance with federal and DoD cybersecurity frameworks • Participate in incident response activities and assist in investigation and remediation of security events • Collaborate with cloud engineers, system administrators, and program stakeholders to ensure security requirements are implemented effectively • Monitor systems and environments for potential security risks and assist in remediation efforts • Support certification and authorization activities and processes • Provide technical support to operational strategies aligned with program initiatives to optimize processes, enhance productivity, and ensure quality across program functions • Ensure 100% of planned hours are worked and recorded • Identify and forward to leadership any opportunities that could lead to growth within your work area • Participate in growth efforts as requested • Ensure all contractual deliverables are met or exceeded to the customer's satisfaction • Complete personal PDP and attend Staff Meeting and Storytime (with camera on) • Build productive and positive professional relationships with clients within the program • Execute all contract requirements as assigned in accordance with the contract-specific LCAT and requirements • Maintain active status of all required DoD 8570/8140 industry certifications in good standing through required Continuing Education (CE) units • Perform other related duties as assigned

Role Description Reporting to EDUCAUSE’s Senior Director of Information Technology Operations, the Senior Azure & Cybersecurity Engineer uses extensive cybersecurity expertise to lead and manage our enterprise IT infrastructure while ensuring compliance with NIST, CIS, and PCI standards. This role is responsible for implementing security controls, maintaining system hardening, and managing infrastructure across multiple platforms while adhering to strict security frameworks. The position requires deep expertise in a Microsoft environment, with a thorough focus on security automation, compliance monitoring, and vulnerability management. The individual in this position will actively collaborate with other members of the IT Department and others across the association to support departmental and organizational strategic plans, goals, and initiatives. Qualifications - Associate’s degree in Information Technology, Computer Science, or related field required; Bachelor's degree preferred - Minimum of 10 years of experience in systems administration required - Minimum of 8 years of experience with Microsoft technologies and security hardening required - Minimum of 5 years of experience implementing NIST, CIS, and/or PCI compliance standards preferred - Minimum of 8 years of experience in security automation using PowerShell or other scripting languages preferred - ITIL Certifications, preferred - Azure-Entra/Microsoft Certifications, preferred - Security certifications preferred (e.g., Security+, CISSP, CCSP) Requirements - Implement and maintain security controls in accordance with NIST frameworks, CIS benchmarks, and PCI standards - Lead vulnerability assessments, security hardening initiatives, and remediation efforts across the enterprise - Design and maintain a secure Azure/Entra cloud environment following security best practices and compliance requirements - Develop and execute security automation scripts using PowerShell and/or other scripting language for system hardening and compliance validation - Manage and respond to security incidents, including zero-day vulnerabilities and critical patches - Implement and maintain secure configurations for Azure /Entra, Group Policy, Intune and PKI infrastructure - Configure and maintain system logging and security monitoring solutions (e.g., Splunk, Syslog) - Perform security assessments and audits to ensure compliance industry standard frameworks - Lead secure infrastructure migration and enhancement projects while maintaining compliance requirements - Manage enterprise database systems with focus on security best practices and access controls - Implement and maintain secure backup and disaster recovery solutions - Develop and maintain security documentation and standard operating procedures - Coordinate with cybersecurity team for continuous security improvements and threat mitigation - Manage and maintain company risk management platform for audit readiness against NIST and PCI standards - Design and maintain Zero Trust architecture with identity-based access, continuous verification, least-privilege enforcement, and device trust controls - Implement and manage Zero Trust Network Access (ZTNA) to securely support remote and cloud workloads while reducing dependence on perimeter-based security - Evaluate and secure AI-enabled tools and platforms in alignment with EDUCAUSE security standards, data governance, and regulatory requirements - Implement security controls for AI workloads, including data protection, access controls, monitoring for misuse, and safeguards against data leakage - Partner with stakeholders to assess AI risks, define responsible-use guardrails, and integrate AI threats into security, incident response, and risk management processes - Continue to refine organization AI security practices, policies, and tooling as organizational needs evolve Benefits - Medical, Dental, and Vision - 2-for-1 employer match to your 403(b) retirement plan; up to 10% of your base salary - Employer-paid Life and AD&D, Short‐Term Disability, and Long‐Term Disability - 15 days of vacation and 6 days of personal time annually - 9 paid holidays - One week of paid time off when offices are closed between Christmas and New Year’s Day - 36-hour work week (without any reduction in pay) amounting to 26 additional days of paid time off each year - Employee Assistance Program (EAP) - Emergency Travel Assistance - Professional development assistance - Monthly connectivity reimbursement

Requisition Number: 2346352 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The Enterprise Information Security (EIS) team is responsible for cybersecurity across our organization. We support our business and members by reducing risk, rapidly responding to threats, focusing on business resiliency and securing new acquisitions. This position will Drive fast paced cyber remediation efforts that have significant programs that will minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization. You'll enjoy the flexibility to work remotely* from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week. Primary Responsibilities: - Ensure compliance with industry, regulatory and contractual security requirements of all products, customers, and assigned areas - Provides analysis of and suggested solutions to complex Cyber Security issues, as well as complex conceptual analysis, building and maintaining key security metrics - Drive fast paced cyber remediation efforts that have significant programs that will minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization - Ability to partner with Physicians and Clinicians related to security and risk management within a clinical setting - Strong communicator with demonstrated collaboration, analytical, and critical thinking skills to achieve business goals, while balancing security and technology objectives - Assist BISOs/XISOs by delivering on cyber program accelerator objectives driving identified security gaps and improvements that require collaboration from different teams across the enterprise - Translating technical security requirements to customers in support of BISOs/XISOs - Assist in the development and presentation of program reporting metrics - Expertise in cloud security, platforms, and services, including understanding of current security offerings from leading cloud services providers, and their applicability to securing a SaaS for enterprise security requirements You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: - 5+ years of experience in customer experience and implementing customer experience strategies, preferably in a security or technology environment - 4+ years of experience in an infosec programs - 4+ years of proven analytical, reporting and problem-solving skills, with the ability to identify and address customer pain points and satisfaction drivers with data - 4+ years of experience communicating and partnering with internal customers - 4+ Years of experience in a clinical domain Preferred Qualifications: - Bachelor's degree in computer science, Business, related field, or 10+ years equivalent experience - CISSP, GSEC or similar certification - 7+ years of experience in Information Security - Experience in the healthcare insurance sector Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700 to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.