Information Security Risk Analyst - Taguig CIty, NCR

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.

Primary Responsibilities:

• Assistance with enterprise and business line risk assessments. This includes the execution of the risk assessment, management of action plans, creation of reports, and assistance of all other regulatory responsibilities
• Work with business partners and assist them in the interpretation of security policies, standards and associated guideline
• Assist end users in navigating the Policy Exception process
• Process Policy Exceptions, assess risk, identify and document association mitigating controls, required remediation and risk ranking
• Work cross functionally with infrastructure teams to identify and assess technical risk and associated remediation requirements
• Engage BISO's / TISA's as needed for risk escalations, reviews and documented approvals
• Define and consult on remediation solutions
• Basic, structured, standard approach to work
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

• 2+ years of experience in risk management or remediation
• Experience working with regulatory requirements and industry standards (ISO 27001, HIPAA, SOX, PCI, GLBA, NIST, HITRUST)
• Experience working with security best practices
  • (ISO 27001, HIPAA, SOX, PCI, GLBA, NIST, HITRUST), ITIL
• Basic IT knowledge, Knowledge of Desktop Security Management, Audit and Remediation, Good customer Service
• Knowledge of regulatory requirements and industry standards (ISO 27001, HIPAA, SOX, PCI, GLBA, NIST, HITRUST)
• Knowledge of Desktop Security Management, Audit and Remediation
• Practiced risk assessment skills and the ability to manage risk assessments / projects independently
• Proven solid organizational skills
• Proven results oriented and operations focused
• Demonstrated ability to translate security risks into business terms
• Demonstrated ability to communicate effectively with all levels of management
• Demonstrated ability to develop effective cross-functional relationships
• Demonstrated ability to work in a fast paced environment