Optum is a global leader in health care innovation, developing cutting-edge solutions for healthier lives. The Director of PSIRT leads the response to product-related cybersecurity incidents, building a high-performing team to detect and mitigate threats while driving cross-functional alignment and strategic vision for product security.
Responsibilities:
- Lead the response to product-related cyber incidents, including codebase compromise, supply chain vulnerabilities (e.g. NPM, GitHub), and third-party dependency risks
- Oversee the lifecycle of incident management: detection, triage, containment, eradication, recovery, and post-incident review
- Define the PSIRT North Star and roadmap, including quarterly milestones and key results aligned with business outcomes
- Develop and maintain incident response playbooks, escalation protocols, and tooling strategies tailored to product environments
- Integrate threat intelligence into product pipelines to proactively identify risks
- Collaborate with engineering teams to embed security controls (e.g. secrets scanning, firewall rules, build runner protections) into CI/CD workflows
- Partner with Product Management, Engineering, Legal, and Cloud Infrastructure teams to ensure coordinated response and remediation
- Serve as the connective tissue between ESRO, ETIPS, and business units for secure product delivery
- Provide executive-level briefings on incident status, impact, and remediation
- Maintain documentation for audit, compliance, and continuous improvement
- Build and lead a multidisciplinary team of responders, analysts, and engineers
- Foster a culture of operational excellence, continuous learning, and proactive risk management
Requirements:
- Dual-Track Technical Tenure: 10+ years of combined experience in Software and Security engineering. Candidates must understand how code is built and shipped at scale (the entire SDLC) to effectively tell developers how to fix it
- Architectural Risk Assessment: 10+ years of experience performing Threat Modeling and deep-dive code reviews across diverse stacks (e.g., Cloud-native/K8s, embedded systems, or SaaS) to identify systemic supply chain weaknesses
- SDLC Governance at Scale: 10+ years of experience implementing and maturing Secure Development Lifecycles (SDL), ensuring security checkpoints—like SBOM generation and SCA scanning—are automated into the CI/CD pipeline
- Incident Response Leadership: Experience in managing high-stakes security incidents, with 5+ years specifically focused on Product Security (PSIRT) rather than just internal IT/Corporate security
- Vulnerability Lifecycle Management: 5+ years of experience overseeing the full lifecycle of CVE (Common Vulnerabilities and Exposures) assignments, from initial researcher report through coordinated disclosure and patch verification
- CISSP, GIAC (GREM, GCFA), or equivalent
- Product security or cloud certifications (e.g. AWS Security, GCP Professional Security Engineer)