• Lead Line 1 incident and breach management to ensure timely identification, resolution and risk remediation • Strengthen risk and control effectiveness by partnering with stakeholders on assurance testing and issue outcomes • Translate risk insights into clear, practical guidance that supports informed decision-making by risk owners • Embed efficient, compliant ways of working by supporting the evolution of business processes and controls • Provide trusted, commercially balanced risk and compliance advice that enables safe and sustainable business delivery • Champion strong risk culture by representing Line 1 risk across change initiatives, projects and governance forums

Provide comprehensive health evaluations for patients with complex kidney conditions, manage care to slow disease progression, and lead clinical teams to ensure effective coordination of care addressing both medical and psychosocial needs.

Role Description Join our Business Improvement and Technology Directorate, where you’ll help drive smarter ways of working and support Rethink’s digital growth. In this role, you’ll play a key part in our audit and risk management framework, identifying control gaps, improving processes, and helping the organisation run more effectively. You’ll work closely with senior leaders, giving you great exposure and the opportunity to make a real impact. - Lead Rethink’s audit and risk activity, ensuring focus on key strategic risks and high-quality delivery - Manage the full internal audit cycle, from planning and fieldwork through to reporting and follow-up - Identify control gaps, inefficiencies, and opportunities to improve processes and ways of working - Develop clear, practical recommendations to strengthen internal controls - Oversee the risk management framework, including the corporate and directorate risk registers - Support senior leaders to manage risk effectively and improve organisational performance - Monitor compliance with regulatory requirements and industry best practice - Produce clear, insightful reports for the Executive Team and Audit & Assurance Committee - Strengthen organisational assurance, improve risk visibility, and support better decision-making across Rethink Qualifications - Proven experience in audit, risk management or compliance - Professional qualifications such as Certified Internal Auditor (CIA), Associate Chartered Accountant (ACA), Association of Chartered Certified Accountants (ACCA) - A strong understanding of internal control frameworks, e.g. ISO 31000 - Excellent analytical skills with the ability to translate complex data into actionable insights - Excellent communication skills with the ability to engage and influence stakeholders at all levels - A proactive mindset with the confidence to challenge the status quo - Proficient IT skills in Microsoft applications Benefits - Join staff networks that champion diversity and inclusion. - Access our Wellbeing Hub, Employee Assistance Programme, and the Unmind mental health app. - Enjoy discounts, cashback offers, and celebrate achievements through our PULSE platform. - Starting at 25 days annual leave (plus bank holidays and your birthday off), with options to buy or sell extra days. - Grow your career with structured onboarding and training opportunities. - Contributory pension scheme, enhanced family leave, and travel benefits like season ticket loans and cycle-to-work schemes. - Earn up to £300 for introducing someone to our team.

Requisition Number: 2348893 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities: - Perform end-to-end Vulnerability Management across on-prem, application, and cloud environments - Conduct vulnerability identification, triage, prioritization, and remediation tracking - Partner with IT and engineering teams to provide technical guidance for vulnerability remediation - Utilize tools such as Rapid7, Tenable.io, Nessus, Security Center, Tanium, Nmap, and others for scanning and analytics - Develop and implement strategies to improve and automate the vulnerability management lifecycle - Provide insights using threat modeling, vulnerability trend analysis, and emerging threat intelligence - Monitor service performance against SLAs and drive improvements in customer satisfaction - Integrate vulnerability metrics into executive dashboards and overall risk reporting - Ensure adherence to business agreements, policies, procedures, regulatory requirements, and control compliance mappings - Monitor information security risks and drive remediation of policy exceptions and risk gaps - Manage the Risk Register, including risk acceptance, risk exceptions, and risk disposition activities - Ensure compliance with applicable data privacy regulations - Identify process and security gaps, recommend improvements, and support corrective action implementation - Perform and manage Control/Risk Assessments and ensure timely remediation of findings - Define risk thresholds, enhance the risk framework, and drive remediation of governance and process gaps - Manage policy and control exception workflows through the GRC platform - Conduct control testing to assess maturity and effectiveness of controls aligned with HITRUST and NIST 800-53 Rev 2 - Establish a baseline of vendor risk, identify areas of exposure, and align VRM strategies with client goals - Support the design and implementation of a consistent Vendor Risk Management program aligned with internal and regulatory requirements - Prepare executive-level summaries with recommendations regarding third-party remediation efforts and risk disposition - Maintain up-to-date knowledge of information security and quality management topics relevant to VRM obligation - Create and maintain real-time dashboards for Policies, Standards, Risk Management, and TVM insights - Conduct monthly reviews of High and Critical risks with risk owners and executive leadership - Develop executive dashboards that provide visibility into goals, KPIs, KRIs, and risk trends - Communicate professionally across all stakeholder levels using multiple channels - Serve as Point of Contact (POC) in the lead's absence - Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: - 5+ years of technical experience in Information Security - 5+ years of GRC platform implementation/migration experience (NAVEX, ServiceNow, LogicGate, RSM/Rsam, Perimeter, etc.) - 5+ years of IT Audit experience with the ability to independently manage assessments and projects Experience with vulnerability management lifecycle, threat modeling, and remediation oversight - Solid understanding of ISO 27001, core security concepts, and federal cybersecurity standards (NIST 800-53) - Proven excellent written and verbal communication skills; solid presentation skills - Hands-on experience with vulnerability management tools (Rapid7, Tenable, Nmap, Tanium, etc.) - Solid analytical and problem-solving abilities Preferred Qualifications: - Relevant certifications: CISA, CISSP, Security+, CRISC, CISM, etc. - 3+ years of experience directly in Threat & Vulnerability Management - Experience with cloud computing and cloud security risk assessments - Experience automating parts of the VM lifecycle - Solid understanding of cloud/on-prem hybrid environments and related security risks At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.