• Assessing the information security posture of key clients’ third parties • Coordinating the overall execution and delivery of assessments • Leading the effort to identify key risks and information security gaps • Conducting Third Party Risk Assessments • Performing site visits to third-party facilities • Evaluating effectiveness of security controls for compliance • Assessing cloud technologies such as SaaS, PaaS, and IaaS • Documenting information security risk and compliance findings • Performing quality assurance and review of assessments • Delivering high-quality, thorough reports • Coordinating schedules and assessments for key third party clients

• Create innovative, thought provoking, and highly leveraged “must-have insights” content • Develop new insights and ideas through thought leadership and offer compelling, actionable approaches to client's needs and requests that accelerate the client's ability to act • Develop in-depth analysis to identify the root cause of a client’s barriers or overall needs and reframe thinking to drive strategy forward • Demonstrate thought leadership in establishing insights positions across a team of analysts • Bring provocative, independent insights to Gartner leaders that can evolve the course of a research agenda • Research, analyze and predict market trends and shifts to provide clients and vendors with actionable insights • Provide clients and prospects with actionable advice aligned to their designated content area via virtual or face-to-face interactions • Create and deliver high value presentation materials on and off stage for Gartner events, industry and professional association conferences, and client briefings • Support BTI and Sales: Provide sales support serving as voice of the market to help Insights teams create content and to drive engagement with clients to make progress against their critical priorities to grow their business • Provide high quality and timely content peer review • Build credibility as an industry expert to represent Gartner insights, methodology and strategy • Actively participate in innovation, ideation, and research discussions and collaborate effectively with peers in the Insights community • Identify research process improvements or develop new processes that help the team and BTI provide excellent service delivery • Be a mentor and a coach by supporting more junior team members • Be client-centric while actively seeking to help clients engage regularly and often with Gartner insights and interactions

• Ensure the integrity, quality, standardization and traceability of master data by applying governance policies, controls and guidelines, focusing on the reliability of information used in corporate processes and decision-making. • Model, document, validate/approve and maintain procedures, business rules and processes related to Master Data Governance, promoting best practices, operational standardization, adherence to defined flows and knowledge management. • Execute and monitor activities for the creation, modification, cleansing and maintenance of master data, including materials, customers, suppliers and services, ensuring consistency, completeness and compliance with established standards. • Analyze master and transactional data in SAP and integrated systems, structuring cross-checks, analysis datasets and diagnostics to identify inconsistencies, discrepancies, duplicates, anomalies and improvement opportunities. • Develop preventive validation, control and monitoring mechanisms for master data to reduce operational risks, rework, systemic failures, inconsistencies across systems and impacts on business processes. • Identify root causes of issues related to master data, integrations, processes and systems, proposing corrective, preventive and sustainable solutions using continuous improvement methodologies such as PDCA and 5W2H, promoting process optimization and alignment with the company’s strategic objectives. • Develop internal automation solutions, auxiliary routines, scripts, applications and operational flows focused on operational efficiency, reduction of manual activities, traceability, standardization and productivity gains. • Create dashboards, reports, metrics and management analyses to monitor data quality, SLAs, productivity, backlog, inconsistencies, systemic errors and the performance of Master Data Governance processes. • Develop and support integrations between SAP, satellite systems, databases, structured files, APIs and other corporate solutions, ensuring consistency, security, traceability and continuity of information. • Lead and support initiatives, projects, improvements and sustaining routines related to master data, ensuring development best practices, testing, validation, version control, information security, documentation support, internal controls and administrative activities required for the continuity of the area’s processes, including purchase requisitions, payments and related follow-ups.

Requisition Number: 2365782 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities: - Ensure compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements - Perform information security policies review based on industry best practice and framework gap - Monitors information security risks and drives remediation of policy exceptions - Establishes compliance with data privacy regulation - Identify process and security gaps, recommend improvements, and assist to implement corrective action. - Identify required process improvements to proactively address risks/vulnerabilities/threats - Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents - Establish a baseline of vendor risk, identify areas of potential exposure, develop and align vendor risk management strategies with Client's goals and objectives, and execute program ensuring consistency - Support the design and implementation of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and Federal/State Regulatory requirements - Maintain current knowledge on quality management and information security topics and their applicability program requirements - Serves as POC (Point of Contact) in lead's absence - Create executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party - Communicate professionally with stakeholders/end users through multiple communication - Define risk thresholds, develop, and implement a risk framework, remediate identified gaps, governing the process - Manage the process of granting and expiring exceptions to policies and control standards through the GRC platform - Establish real-time actionable dashboards for Policies and Standard and Risk Management - Monthly review of High and Critical risks with risk owners and executive leadership - Establish an Executive dashboard to provide visibility into the goals and KPI's - Perform control testing to evaluate the maturity and effectiveness of implemented security controls based on HITRUST/ NIST 800-53 revision 2 Framework. - Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: - 5 + years of technical experience in Information Security - 5+ years GRC platform implementation and migration experience for different tool (such as NAVEX Service Now, LogicGate, Rsam, Perimeter) - 5+ years IT Auditing skills and the ability to manage risk assessments / projects independently - Experience with federal cyber security standards (such as NIST 800-53) - Proven excellent communication skills both verbal and written - Good presentation skills particularly ability to present technology elements in manner personnel can follow and act - Good understanding of ISO27001 and Security Core Concepts - Good understanding of Risk Register, risk acceptance and risk exceptions At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.