Mgr, Application Security-314593: UnitedHealth Group

• Build and maintain productive working relationships with other business people.
• Lead and support the performance of White-Box and Black-Box web application security assessments on all UnitedHealth Group applications.
• Develop secure coding policies and practices.
• Review application source code and database SQL and stored procedure code for potential vulnerabilities and exploits.
• Evaluate new and emerging products and technologies.
• Assist with security awareness and training.
• Assist in the security incident and investigation activities.
• Communicate effectively and authoritatively with a variety of audiences, including during a crisis.Critical Success Factors / Key Performance Indicators:

This manager will deliver the following outcomes to UnitedHealth Group:

• Deliver and maintain a strategy and long-term plan for the continued management of application security by UnitedHealth Group.
• Nominate short-term objectives that support the long-term strategy and plan
• Nominate metrics to measure and track the quality of this team's processes and operation.
• Manage consistent delivery of application security services.
• Assign, prioritize and manage the work of application security team members and facilitate and coordinate the work and input of other subject matter experts from within the Information Risk Management organization and across UnitedHealth Group IT, other IT management entities, application services leaders and business stakeholders, as required.
• Coordinate activities with other managers and leaders within Information Risk Management to accomplish organizational objectives.
• Coordinate the development of shared processes and workflows required to facilitate application security objectives with impacted teams. Ensure that responsibilities and accountability for shared processes are agreed by the appropriate managers and leaders.
• Review and provide input to changes to security policies, control standards, security standards and security procedures both with regard to UnitedHealth Group's overall application security risk posture and also with regard to aligning those changes with the team's mission.QualificationsThe Manager Application Security is committed to customer satisfaction and exemplifies the highest ethical standards. Strong communication skills are required. Proven experience in working with a team of diverse individuals from management and technical backgrounds is required.

Qualifications

This role requires the following qualifications:

• Bachelors degree in a relevant field of work.
• 6+ yrs of operational experience in information technology. Proven management experience.
• 4+ years of broad software development experience. Experience with multiple IT platforms, application languages and methodologies highly desirable.
• Demonstrated practical knowledge of relevant National Institute of Standards & Technology (NIST), International Standards Organization (ISO) and application security organizations (OWASP) recommendations and standards and ability to align those within the application security program.
• Industry-specific certifications in information security or commensurate experience. This includes one or more of the following: CISSP, CISA, and CISM.
• Sets team direction, resolves problems and provides guidance to members of own team.
• May oversee work activities of other supervisors.
• Adapts departmental plans and priorities to address business and operational challenges.
• Influences or provides input to forecasting and planning activities.
• Product, service or process decisions are most likely to impact multiple groups of employees and/or customers (internal or external). - Undergraduate degree or equivalent experience.