Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data, and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits, and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Positions in this function are involved in the body of technologies, processes, and practices designed to protect and defend networks, computers, programs, and data from attack, damage, theft, or unauthorized access, including firewall, digital forensics, investigative services, and incident management. You will enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges. Primary Responsibilities: Perform incident response, with a primary focus of eliminating the threat to the network and determining the cause of the security incident while preserving evidence for further analysis Ensure incidents are handed in a manner that is consistent with established playbooks Monitors SIEM and logging for alerts of potential network threats, intrusions, and/or compromises Responsible for understanding the global threat environment and general security best practices Assists with triage of service requests from automated sensors and internal requests for assistance Participates in active cyber hunting to identify and eliminate known and unknown network threats Interface with technical personnel from various disciplines to rapidly resolve critical issues Appropriately inform and advise leadership of incidents and propose effective response and/or countermeasures for containment Participate in knowledge sharing with other security engineers and partner Identify, document, and recommend new or revised incident response playbooks Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission Create and drive action plans to address recurring or ongoing information security incidents Develop and maintain reporting metrics used to measure team performance, ensure analyst adherence to processes/procedures for operational consistency, identify process improvements, coaching, training, and professional development of the staff Participate in the planning and implementation of information security technology projects. Serve as point-person and subject matter expert for issues and projects related Cyber Security Counter Threat Operations Ability to work either in-office or remotely with minimal supervision, prioritize intake via multiple methods that include SIEM’s, email, chat, text messages, telephone calls and work queues Collaboration as appropriate with leadership and other key stakeholders You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: High School Diploma/GED (or higher) 6+ months of experience in the following: Industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.) C+, Python, PS, Bash, or Java Fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.) Willingness & ability to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work) Preferred Qualifications: Experience with network monitoring in a SOC environment Security certifications (e.g., Security+, CCNA Cyber Ops, GCIA, GCIH, CEH, CySA+, OSCP, etc.) Experience and knowledge conducting cyber threat analysis originating from phishing emails Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms Efficient triage and documentation during incident response to effectively brief teammates, shift lead and supervisory levels BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience *All Telecommuters will be required to adhere to UnitedHealth Group’s Telecommuter Policy. California, Colorado, Nevada, Connecticut, New York, New Jersey, Rhode Island, Hawaii or Washington Residents Only: The salary range for California, Colorado, Nevada, Connecticut, New York, New Jersey, Rhode Island or Washington residents is $58,300 to $114,300 per year. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. UnitedHealth Group complies with all minimum wage laws as applicable. In addition to your salary, UnitedHealth Group offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you’ll find a far-reaching choice of benefits and incentives. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location, and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups, and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.
#RPO #GREEN
network-tools Incident management SIEM Incident response Computer Engineering Computer Science CompTIA Security+ Certified Ethical Hacker (CEH) Information security proxies OffSec Certified Professional (OSCP) Security network-monitoring Cybersecurity Firewalls