To use Bossjob, please enable Javascript or download the latest Chrome browser here
Optum, a UnitedHealth Group company logo

Info Security Risk Analyst - Cebu City, Cebu

Log into view salary
Experience icon1 - 3 years
Education iconDiploma
Job type iconFull-time

Info Security Risk Analyst - Cebu City, Cebu

Log into view salary
Location iconcebu-cityExperience icon1 - 3 years
Education iconDiplomaJob type iconFull-time
Posted on 16 October 2021

Job Description

Posted on 14 October 2021

Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading edge technology in an industry that's improving the lives of millions. Here, innovation isn't about another gadget, it's about making health care data available wherever and whenever people need it, safely and reliably. There's no room for error. Join us and start doing your life's best work.(sm)


Primary Responsibilities:

  • Lead Third Party assessments and follow-up activities with strategic Third Party relationship
  • Communicate professionally with Third Party stakeholders/end users through multiple communication methods, building trusting relationship
  • Understand and enforce General Computing Controls of Third Party organization structure
  • Identify security administration deficiencies, recommend improvements, and assist to implement corrective action
  • Develop and maintain procedure documentation
  • Execution of reporting (Daily/Weekly/Monthly)
  • Understand and scope properly Third Party organization structure to apply necessary controls to be assessed
  • Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents
  • Ensure Third Party compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements
  • Review Third Party supplied policies & procedures, internal/external assessment reports, agreements and provide feedback
  • Executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
  • Communicate, escalate, and track Third Party remediation progress on assessment remediation activities
  • Understand information security risks that are inherent to a business and articulate those risks in business terms
  • Maintain current knowledge on information security topics and their applicability program requirements
  • Engage on-shore leadership regarding any escalation/delays/deviations during assessment/remediation
  • Work and Coach assigned analysts/mentee in terms of operational processes/ competencies
  • Serves as POC (Point of Contact) in lead’s absence
  • Conducts quality checks and provide feedback as necessary
  • Create reports and presentation needed for operational process
  • Other duties assigned
  • Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so 

Requirements

Required Qualifications:

  • 4+ years of experience in auditing/security assessments
  • 4+ years of experience working with senior levels of management
  • Experience in examining the SSAE 16 Audit, SOC 2, PCI DSS, NY Cyber Security and other security audit report
  • Security expertise including knowledge on different security risk assessment frameworks (NIST/Octave), standards (ISO27001/HITRUST/ITIL/Cobit), and act such as (HIPAA/GLBA).
  • Knowledge and understanding of different security products (web/email filtering, disk encryption, vulnerability testing, antivirus, DLP, firewall etc.)
  • Knowledge on technology/software development methodologies, application security, and OWASP Top 10 guidelines
  • Ability to document assessment work papers and preparing assessment report
  • Ability to manage Third Party assessment independently with minimal supervision
  • Strong Listening, Communication, and Presentation Skills
  • Good follow-up skills and detail oriented


Preferred Qualifications: 

  • CISA, CISSP,CPISI, ISO 27001
  • Good project management skills

 

Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make the health system work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.(sm)


Diversity creates a healthier atmosphere: Optum is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.


Optum is a drug-free workplace. © 2021 Optum Global Solutions (Philippines) Inc. All rights reserved.


Job Keywords: Information Security Risk Analyst, Security Analyst, auditing, Audit, security assessments, Cebu City, Central Visayas, Cebu

Skills / Software

Software EngineeringjQueryData ScienceWeb DevelopmentNode.jsJiraAngularJSRuby on RailsBootstrapASP.NET

Working Location

Cebu City, Philippines

Job Description

minus

Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading edge technology in an industry that's improving the lives of millions. Here, innovation isn't about another gadget, it's about making health care data available wherever and whenever people need it, safely and reliably. There's no room for error. Join us and start doing your life's best work.(sm)


Primary Responsibilities:

  • Lead Third Party assessments and follow-up activities with strategic Third Party relationship
  • Communicate professionally with Third Party stakeholders/end users through multiple communication methods, building trusting relationship
  • Understand and enforce General Computing Controls of Third Party organization structure
  • Identify security administration deficiencies, recommend improvements, and assist to implement corrective action
  • Develop and maintain procedure documentation
  • Execution of reporting (Daily/Weekly/Monthly)
  • Understand and scope properly Third Party organization structure to apply necessary controls to be assessed
  • Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents
  • Ensure Third Party compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements
  • Review Third Party supplied policies & procedures, internal/external assessment reports, agreements and provide feedback
  • Executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
  • Communicate, escalate, and track Third Party remediation progress on assessment remediation activities
  • Understand information security risks that are inherent to a business and articulate those risks in business terms
  • Maintain current knowledge on information security topics and their applicability program requirements
  • Engage on-shore leadership regarding any escalation/delays/deviations during assessment/remediation
  • Work and Coach assigned analysts/mentee in terms of operational processes/ competencies
  • Serves as POC (Point of Contact) in lead’s absence
  • Conducts quality checks and provide feedback as necessary
  • Create reports and presentation needed for operational process
  • Other duties assigned
  • Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so 

Job Requirements

Plus

Required Qualifications:

  • 4+ years of experience in auditing/security assessments
  • 4+ years of experience working with senior levels of management
  • Experience in examining the SSAE 16 Audit, SOC 2, PCI DSS, NY Cyber Security and other security audit report
  • Security expertise including knowledge on different security risk assessment frameworks (NIST/Octave), standards (ISO27001/HITRUST/ITIL/Cobit), and act such as (HIPAA/GLBA).
  • Knowledge and understanding of different security products (web/email filtering, disk encryption, vulnerability testing, antivirus, DLP, firewall etc.)
  • Knowledge on technology/software development methodologies, application security, and OWASP Top 10 guidelines
  • Ability to document assessment work papers and preparing assessment report
  • Ability to manage Third Party assessment independently with minimal supervision
  • Strong Listening, Communication, and Presentation Skills
  • Good follow-up skills and detail oriented


Preferred Qualifications: 

  • CISA, CISSP,CPISI, ISO 27001
  • Good project management skills

 

Careers with Optum. Here's the idea. We built an entire organization around one giant objective; make the health system work better for everyone. So when it comes to how we use the world's large accumulation of health-related information, or guide health and lifestyle choices or manage pharmacy benefits for millions, our first goal is to leap beyond the status quo and uncover new ways to serve. Optum, part of the UnitedHealth Group family of businesses, brings together some of the greatest minds and most advanced ideas on where health care has to go in order to reach its fullest potential. For you, that means working on high performance teams against sophisticated challenges that matter. Optum, incredible ideas in one incredible company and a singular opportunity to do your life's best work.(sm)


Diversity creates a healthier atmosphere: Optum is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.


Optum is a drug-free workplace. © 2021 Optum Global Solutions (Philippines) Inc. All rights reserved.


Job Keywords: Information Security Risk Analyst, Security Analyst, auditing, Audit, security assessments, Cebu City, Central Visayas, Cebu

Skills / Software

Plus
Software EngineeringjQueryData ScienceWeb DevelopmentNode.jsJiraAngularJSRuby on RailsBootstrapASP.NET

Working Location

Plus
Cebu City, Philippines

About the company

Company Profile:   Optum, part of UnitedHealth Group family of businesses, is a health services and innovation company dedicated to helping people live healthier lives and helping make the health system work better for everyone. With over 165,000 people collaborating worldwide, we’re working to improve the delivery, quality and efficiency of health care.   In the Philippines, we have offices in Al...

IndustriesHealthcare
Employees> 1000

Recruiter

Ma Fe Encontro  
81% response rate, respond in more than a monthLast active 11/10/2021
Similar Jobs
There is no similar jobs at the moment