Job Description
Senior Security Engineer - Ireland and UK Remote Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives.
The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best.
Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities.
As a Fortune 5 business, we're one of the world's leading healthcare companies.
We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals.
As a Senior Security Engineer, you will be responsible for supporting the day-to-day operation of the information security management system and risk management program, and supporting Enterprise Information Security (EIS) processes and programs.
The Senior Security Engineer is deemed a critical integration point with the business and is considered a change agent for the business in understanding security risks and the role and responsibilities of EIS, as well as ensuring that EIS fully understands and is engaged to support the needs, objectives and priorities of the business.
Provide leadership and guidance to the organization on how to plan, implement and maintain an effective ISMS while meeting legal, industry, and organizational information security requirements.
Act as a trusted advisor to senior management on information security strategy and best practices aligned with ISO 27001:2022 and ISO 27017.
Contribute as a team member in major programs or change initiatives aimed at increasing the enterprise security capabilities.
Communicate to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios.
Support the organization's migration from ISO 27001:2013 to ISO 27001:2022; conducting a gap analysis to identify discrepancies, developing a migration plan, updating documentation and procedures, and ensuring a smooth transition.
Maintain current knowledge on information security topics and their applicability to the enterprise and the healthcare industry.
Conduct reviews of the ISMS and cloud security controls to guarantee their continued effectiveness and alignment with evolving threats, best practices, and the requirements of the new ISO 27001:2022 standard.
Prepare and maintain comprehensive documentation for ISO 27001:2022 and ISO 27017 certification audits, demonstrating a deep understanding of the standards and their application.
Key Responsibilities: • Provide leadership and guidance to the organization on how to plan, implement and maintain an effective ISMS • Act as a trusted advisor to senior management on information security strategy and best practices • Contribute as a team member in major programs or change initiatives aimed at increasing the enterprise security capabilities • Communicate to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios • Support the organization's migration from ISO 27001:2013 to ISO 27001:2022
Key Qualifications: • Bachelor's degree in an IT related discipline or equivalent experience • Experience working in large and highly-regulated organisations • Technical security certification (SSCP, CISSP, CCSP, CEH) • Experience with practical interpretation and application of policy and standards • ISO 27001 Lead Auditor/Lead Implementer
Preferred Qualifications: • Experience with Public Cloud platforms (Azure, AWS, GCP) • Subject matter expert knowledge of the technology aspects of security • Strong experience in information security, with a proven track record of successfully implementing and maintaining ISO 27001 and ISO 27017 controls