Apply on Employer Site

UnitedHealth Group · 3 weeks ago

Sr. Director, Business Information Security Officer Data & AI/ML Engineering - Remote or Hybrid from MN or DC

Eden Prairie, MN

Full-time

Hybrid

Director/Executive

$156K/yr - $268K/yr

16+ years exp

UnitedHealth Group is a global organization that delivers care aided by technology to help millions of people live healthier lives. They are seeking a Sr. Director, Business Information Security Officer to drive execution and program management of security strategy and risk governance for their Enterprise Data & AI/ML divisions, focusing on critical security controls and compliance across global operations.

Health CareHospitalMedicalWellness

Responsibilities

Understand and contribute to LLM threat modeling, prompt injection detection, adversarial testing, and alignment protocols

Drive Security for AI/ML development pipelines (MLOps), integrating DevSecOps principles, access controls, and provenance tracking

Guide and consult on model lifecycle security including fine-tuning risks, output sanitization, hallucination detection, and bias remediation

Consult on and drive adherence to data governance guardrails for training, inference, storage, and synthetic data creation

Map evolving AI/ML risks against global frameworks: EU AI Act, NIST AI RMF, ISO 42001, DPDP Act, and internal GRC mandates

Drive action and accountability for enterprise-wide AI/ML risk assessments, internal audits, and red teaming exercises targeting GenAI systems

Support regulatory responses, incident management, and executive briefings tied to AI/ML program controls

Collaborate with Legal, Data Privacy, and Engineering teams to align on emerging AI ethics and liability risks

Act as Security Advisor to technology leadership, bridging technical realities with strategic risk perspectives

Champion secure enablement, helping business units adopt AI/ML responsibly and confidently

Drive action with virtual cross-functional teams including data science, product, legal, and security engineering stakeholders

Influence culture and policy through thought leadership, workshops, and publication of enterprise AI Security Playbooks

Draft C-suite-level strategy briefings, board-level updates, and actionable security advisories

Engage in global forums, contribute to regulatory consultations, and build the firm's external reputation in AI/ML security

Translate technical risk into business impact for a non-technical audience

Qualification

Data & AI/ML securityRisk managementIndirect leadershipCloud-native architectureCISM / CISSP / CCSPISO/IEC 27001 experienceAI platform securityThought leadershipCommunication skillsCollaboration skills

Required

16+ years of experience in Information/Cyber Security in corporate environment, including 5+ years in emerging tech (AI/ML, data platforms, analytics systems)

Experience managing risks tied to data integrity, model drift, shadow AI deployments, and third-party AI services

Proven track record securing AI platforms and LLM ecosystems (e.g., OpenAI, Azure AI, Vertex AI, AWS Bedrock)

Solid command of cloud-native architecture, zero trust security models, and federated learning environments

Proven history of indirect leadership, driving outcomes across non-reporting teams and global stakeholders