Director, Cybersecurity Executive Reporting- Remote or Hybrid from NM or DC

Requisition Number: 2344750
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
We are seeking a Director to lead executive-level cybersecurity reporting for our Security Shield & Accelerator program across the company's portfolio of Acquired Entities. This role operates at the intersection of cybersecurity, enterprise risk, and executive decision-making, providing clear, authoritative insights to C suite leaders and enterprise governance bodies.
The Director will be accountable for how Security Shield progress, risk posture, and control maturity are communicated to senior leadership. This role requires exceptional judgment, the ability to influence at the highest levels of the organization, and deep experience operating in large, highly regulated, multi-entity environments typical of a Fortune 5 company.
If you are located in NM or DC, you will have the flexibility to work remotely* as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.
Primary Responsibilities:

• Executive & Board-Level Reporting
  • Own the enterprise narrative for Security Shield implementation across Acquired Entities
  • Deliver C suite-ready reporting to the CISO, CIO, CTO, CFO, CEO staff, and other senior executives
  • Prepare materials for executive forums, risk committees, board-adjacent readouts, and QBRs
  • Translate technical security implementation data into concise, outcome-focused insights for executive decision-making
  • Anticipate executive questions and proactively surface risk, trade-offs, and recommendations
• Enterprise Security Shield & Accelerator Oversight
  • Establish and maintain standardized metrics, maturity models, and KPIs for Security Shield & Accelerator control implementation
  • Provide roll-up visibility across diverse acquired environments, highlighting trends, systemic risks, and executive action items
  • Ensure reporting aligns with enterprise security strategy, regulatory expectations, and risk tolerance
  • Partner with Security Architecture, Engineering, and GRC teams to validate data accuracy and credibility
  • Drive cross-workstream alignment for large-scale program initiatives by coordinating dependencies, sequencing, and integration points across multiple security, IT, and business teams
  • Ensure consistent communication and execution across workstreams, identifying and escalating cross-functional blockers that impact program timelines or executive commitments
• Acquired Entity Security Integration Leadership
  • Serve as a senior security integration leader supporting acquisitions from close through steady-state operations
  • Define reporting standards and governance for acquired entity security integration
  • Advise corporate and acquired entity leadership on security priorities, sequencing, and risk-based decisions
  • Identify dependencies, resource constraints, and execution risks and elevate them appropriately
• Strategic Stakeholder Leadership
  • Act as a trusted advisor to senior security and technology leaders across the enterprise
  • Drive alignment across Security, IT, Risk, Internal Audit, and M&A integration teams
  • Influence outcomes in a highly matrixed environment without direct authority
  • Represent Security Shield progress in enterprise planning, investment, and risk discussions
• Reporting Transformation & Continuous Improvement
  • Mature executive reporting through automation, improved data quality, and advanced visualization
  • Define best practices for executive storytelling, risk framing, and portfolio-level reporting
  • Continuously improve how security outcomes are measured, communicated, and acted upon

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
Required Qualifications:

• 10+ years of progressive experience in a cybersecurity and/or enterprise risk technology leadership role
• 6+ years of experience supporting M&A activity, post acquisition integration, or multi-entity security programs
• Solid understanding of cybersecurity control frameworks (e.g., NIST, ISO 27001, CIS) and control maturity modeling
• Proven success delivering executive- and board-level reporting in a large, complex enterprise
• Proven exceptional executive presence with the ability to influence senior leaders through data and narrative
• Demonstrated ability to operate strategically while maintaining credibility at the technical level
• Demonstrated ability to thrive in fast-paced, dynamic, and high-pressure environments, adapting quickly to changing priorities and executive needs

Preferred Qualifications:

• Advanced degree (MBA, MS in Cybersecurity, or equivalent experience)
• Experience in a Fortune 50 / Fortune 10 organization
• Experience preparing materials for Boards, Board committees, or equivalent governance bodies
• Experience with Agile, Lean, or Six Sigma methodologies, with the ability to apply structured process improvement practices to reporting, integration workflows, and cross-functional execution
• Familiarity with enterprise reporting platforms (e.g., Power BI, Tableau, ServiceNow, GRC platforms)
• Background in security program leadership, GRC, or enterprise risk management

Key Competencies

• Executive communication and influence
• Strategic risk framing and decision support
• Portfolio-level thinking across complex enterprises
• High judgment in ambiguous and politically sensitive environments
• Ability to balance transparency, accuracy, and executive efficiency

*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy
Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $134,600 to $230,800 annually based on full-time employment. We comply with all minimum wage laws as applicable.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.