Profiles search

Susan Hundt

Senior Manager, Business Relationship Manger, PCI at Optum
Rogers, MN, United States

Details

Education: Masters of Science

Project Management

Saint Mary's University of Minnesota

2006 : 2009



Web Design

Hennepin Technical College

2005 : 2005

Bachelor of Science

Mass Communications

St. Cloud State University

1992 : 1996



English

University of Minnesota Duluth

1991 : 1992
Experience: 2021 : Present

Optum

Senior Manager, Business Relationship Manger, PCI

Program director of Enterprise Information Security Policy Management.

Coordination of Enterprise Information Security Operating and Governance Committees.

Consultation on policy and security standards.

-Writing security guidelines, security standards and control standard requirements with subject matter experts.

-Partnering with legal and privacy for review of new content.

-Developing communications to announce new content.

Administration of Policy Management Module of electronic Governance, Regulation and Compliance (eGRC) system. Trouble-shoot issues and determine enhancements for eGRC..Develop requirements and work with programmers to text eGRC enhancements.

2017 :

Optum

Associate Director Enterprise Information Security Policy Management

Coordination of policy review and approval process. This involves :

-Writing security guidelines, security standards and control standard requirements with subject matter experts.

-Partnering with legal and privacy for review of new content.

-Developed communications to announce new content.

Administration of Policy Management Module of electronic Governance, Regulation and Compliance (eGRC) system. Trouble-shoot issues and determine enhancements for eGRC.. Develop requirements and work with programmers to text eGRC enhancements.

Analysis of enterprise risk and compliance findings to determine if any changes in control standards are needed as a result of increased risk.

2015 : 2017

OPTUM

Lead Policy Analyst

Program management of annual enterprise platform entitlement review. Managed internal team of subject matter experts and third party vendor support.

Developing compliance monitoring program to measure and anlyze risk pertaining to IT security; incorporated increased audit rigor into process.

Analysis of risks as a result of annual threat readiness campaign. Monitoring of risk treatment follow-up. Determined and recommended risk reduction where appropriate in cases where risk reduction was associated with enterprise programs.

Requirements gathering and initial design of system to automate compliance and risk monitoring activities.

Process documentation for new risk register application.

Data analytics pertaining to various compliance and governance activities.

Manage incoming requests for technical and compliance risk asessments.

Data analytics and dashboard creation for vulnerbaility management progress.

Testing compliance creation for information security standards.

2012 : 2015

Optum

Senior Information Technology Security Consultant

Partnering with business and systems owners ensuring information security guidelines are met. Provides recommendations where application security does not meet guidelines by documentating remediation plans. Oversight of progress toward meeting security guidelines.

Analysis of data regarding information security exceptions. Development of reporting and graphical representation regarding security exception work. Development of dashboards representing key performance indicators.

Coordination of large-scale desktop and server patching. Gathering of and presentation of lessons learned for future process development.

2011 : 2012

UnitedHealth Group

Information Security Analyst
Company: Optum
Years of Experience: 26

Skills

business process improvement, Customer Service, Employee Relations, Information Technology, Management, PeopleSoft, Performance Management, PMP, Process Improvement, Project Management, Requirements Analysis, Risk Management, Security, Software Documentation, Training, Vendor Management

About

Experienced professional with human resource information systems background and experience managing small-scale projects. Additionally, I posess a broad project experience as a project team member as subject matter expert. I have worked on several company-wide systems related enhancements. I have participated in two Kaizens and am interested in 6Sigma certification. I am also interested in gaining addtional knowledge regarding Sarbanes-Oxley in reference to information security in the healthcare industry. My short-term goal is to receive CISSP certification.



Specialties: Process analysis and improvment, Metrics analysis, Executive dashboard development, requirements gathering, Crisis response, HTML, Sarbanes-Oxley, Information Security compliance, work transition