Find Jobs
Sr Info Security Engineer
Minnetonka, Minnesota  |  Remote, Onsite
Contract to Hire Position
It appears that you have already applied to this job.
Applied on November 29, 2021
Job Id #51708 Posted October 27, 2021


  • No other industry is changing as rapidly or as broadly as health care.
  • But to us, change is invigorating.
  • It gives us a chance to continue to innovate as we shape the future.
  • As a Compliance Consultant with us, you will monitor changes to laws and regulations to ensure compliance with State and Federal mandates.
  • It’s an exhilarating pace where you can develop your career while you help to make the health system work better for everyone.

Projects the candidate will be working on:

  • Position is to support all OSGS projects with assessments and independent audits to provide contractual deliverables, such as a Security Assessment/Audit Plan and Security Assessment/Audit Reports.

Ideal Background:

  • Ideal candidate will have a security/compliance background with government systems and SOC experience.
  • Experience with NIST 800-53, government security control frameworks, and the cloud.


  • Practical experience with listed items in number 3 above who can describe their contributions to those areas.
  • Knowledge of the Risk Management Framework, System boundaries, defining assessment/audit scope, and control categories.
  • Plus excellent communication skills to include written and oral.

Top Requirements:

  • Leading / implementing IT controls for an information system (5 or more years of experience)
  • Experience with IT Security internal and external assessments/audits (5 or more years of experience)
  • Prior assessment/audit experience with cloud applications and infrastructures with multiple compliance requirements, such as HIPAA, CMS, and IRS, FedRAMP, and NIST (3 or more years of experience)

Team and Team size:

  • Candidate will be an assessor along with 5 other assessor team members.

Primary Responsibilities:

  • Develop / translate / assess IT FISMA / NIST regulatory requirements from CMS and
  • IRS into control requirements
  • Integrate multiple requirements into a common infrastructure assessment process
  • Assess application and infrastructure information systems with multiple common control environments against HITRUST, HIPAA, ISO 27001, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • Deep understanding of NIST Risk Management Framework
  • Design and execute assessment plans to meet project objectives and challenges
  • Identifies and resolves operational problems using defined processes, expertise and judgment
  • Demonstrate integrity and ethical behavior by complying with applicable laws, regulations and policies and requiring the same from others
  • Manage and ensure compliance with structures, processes, and technologies
  • Maintain knowledge of and leverage industry technologies and trends
  • Create assessment documentation and reports for communication to management

Required Qualifications:

  • 5 or more years of experience in leading / implementing IT controls
  • Previous experience in IT Security internal audit and external audit
  • Prior experience application and infrastructure for cloud information systems with multiple common control environments against HITRUST, HIPAA, and multiple government requirements typically represented in NIST form (CMS MARS-E, IRS 1075, CMS ARS, VA 6500)
  • If you need to enter a work site for any reason, you will be required to screen for symptoms using the ProtectWell mobile app, Interactive Voice Response (i.e., entering your symptoms via phone system) or a similar Group approved symptom screener.
  • Employees must comply with any state and local masking orders. In addition, when in a UnitedHealth Group building, employees are expected to wear a mask in areas where physical distancing cannot be attained.

Preferred Qualifications:

  • Big 4 audit experience
  • Bachelor’s degree
  • ISO 27001, CISSP, CISM, or CISA Certification
  • Previous experience with implementing CMS ARS, MARS-E, & HIPAA; IRS 1075; ISO 27001; and AICPA SOC2 control frameworks
  • Previous implementation experience with large government information technology projects with CMS Authorization To Operate (ATO)
  • Proficiency with GRC tool(s) utilized within the Government audit space.

Interview Process:

  • a. How many rounds? 2 rounds
  • b. Video vs. phone? Phone
  • c. How technical will the interviews be? Interviews will gauge each candidates technical experience related to how security controls are assessed/audited.

Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.

In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact

All applicants applying must be legally authorized to work in the country of employment.


What is your gender?

What is your ethnicity?

What is your Veteran / U.S. Military Status?

Do you identify with one or more of the classifications of protected veterans below?

If yes, please indicate by checking the appropriate box below

Do you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Horizontal is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.


You have saved your first job! To see all your Saved Jobs, click here. Or continue scrolling through jobs and bookmark openings that catch your eye and apply for those jobs later.

Return to Job Search

We’re sorry!

There are currently no open positions in your location or accepting applications from out of the country

Return to Home
Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.