Job Description
Join Optum as a Senior Information Security Engineer specializing in Risk, Governance, Risk & Compliance (GRC), Vendor Management, and Security Training & Awareness. In this critical role, you will assess and mitigate cyber risks, ensure third-party vendor compliance, and drive enterprise-wide security education initiatives. Based in Bali, you'll collaborate with global teams to strengthen our security posture while enjoying a dynamic work environment.
Your expertise will directly impact decision-making by providing actionable security metrics and strategic insights. If you're passionate about cybersecurity, compliance, and fostering a culture of security awareness, this is your opportunity to make a difference at a leading healthcare technology company.
Responsibilities
- Conduct comprehensive cyber risk assessments and prioritize mitigation strategies.
- Evaluate third-party vendors for security risks and ensure compliance with organizational policies.
- Develop and maintain GRC frameworks, including policies, standards, and procedures.
- Design and deliver engaging security training and awareness programs for employees.
- Monitor and report on security metrics to leadership for data-driven decisions.
- Collaborate with cross-functional teams to integrate security best practices.
- Stay updated on emerging threats and regulatory changes (e.g., GDPR, HIPAA).
Qualifications
- Bachelor's degree in Cybersecurity, IT, or related field (Master's preferred).
- 5+ years in information security, with expertise in GRC and vendor risk management.
- Certifications such as CISSP, CISM, or CRISC are highly desirable.
- Proven experience in security awareness training and program development.
- Strong analytical skills to interpret complex security data and trends.
- Excellent communication skills to articulate risks to technical and non-technical stakeholders.
- Familiarity with healthcare or financial sector compliance is a plus.