At UnitedHealthcare, we’re simplifying the health care experience, creating healthier communities and removing barriers to quality care. The work you do here impacts the lives of millions of people for the better. Come build the health care system of tomorrow, making it more responsive, affordable and equitable. Ready to make a difference? Join us to start Caring. Connecting. Growing together. Enterprise Information Security (EIS) is focused on improving security across the enterprise. Much of what our team does involves close collaboration with engineers, interface designers, infrastructure, cloud teams, newly acquired companies and clinical partners. Our mission is to Protect the confidentiality, integrity, and availability of UnitedHealth Group’s Information assets through the implementation and management of an Enterprise Information Security Program. We are committed to building and maintaining the trust and confidence of our customers and our stakeholders. It is our duty to protect the information of those we serve and help fulfill our mission of making the health care system work better for everyone. The Senior Cybersecurity Analyst conducts security event analytics, insider threat monitoring, log analysis, host-based forensics, incident response, and case management. You’ll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. Primary Responsibilities: Responds to security events or incidents and implements countermeasures to reduce and/or mitigate further exposure Triage data of anomalous events collected by User Activity Monitoring UAM Tool Elevate anomalous events of concern Work to filter out things such as false positives and known accepted activities Leads and manages security investigations from discovery to resolution and works as an incident response manager for security incidents Creates reports to display trends and overall statistics based on correlated security incidents and event data to produce monthly exception and management reports Creates and implements standard operating procedures and processes to help streamline investigations, daily monitoring, and analysis research to ensure all analysts are effective and following the same guidelines Participate in all proof-of-concept product testing to deciding how the product/tool can be integrated into daily activities, forensics investigations and how it impacts the team Experience with Cyber, Insider Threat and Policy Violation Investigations, and conducting eDiscovery investigations Proficiency in cyber threat exploitation patterns, from discovery through establishing a persistent presence Hands-on experience with a Security Information and Event Monitoring (SIEM) platforms and log management systems that perform log collection, analysis, correlation, and alerting You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: Bachelor’s degree in a related technical field or equivalent practical experience 3+ years of hands-on in-depth knowledge and technical experience in security operations including: investigations, incident response, incident management, digital forensics, threat intelligence, threat hunting, and/or detection engineering Experience with Insider Threat technologies (SIEMs, Data Loss Prevention solutions, host forensic solutions) Experience automating security detection and response Exposure to data science and analytics solutions applicable to the insider threat detection space Knowledge and familiarity of the Cyber Kill Chain Framework and MITRE ATT&CK Framework and how these apply to the insider threat landscape Track record of being self-motivated and a creative problem-solver, able to work independently with minimal guidance Demonstrated ability to work calmly and collaboratively in critical high-stress situations with expediency Demonstrated high skill level in organizational, prioritization, and multitasking skills Preferred Qualifications: 2+ years of experience with Security Information and Event Management (SIEM) 2+ years of experience with Data Loss Prevention (DLP) Software 2+ years of experience with User and Entity Behavioral Analytics (UEBA) 2+ years of experience with Incident Response Platforms (IRP) 2+ years of experience with General Forensic Toolsets *All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy California, Colorado, Connecticut, Hawaii, Nevada, New Jersey, New York, Rhode Island, or Washington Residents Only: The salary range for this role is $88,000 to $173,200 annually. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. UnitedHealth Group complies with all minimum wage laws as applicable. In addition to your salary, UnitedHealth Group offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you’ll find a far-reaching choice of benefits and incentives. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.
Prioritization Case Management Data Science SIEM Self-motivation Incident response Multitasking remote work Standard Operating Procedure (SOP) irp log-analysis Cybersecurity Cyber threats Organizational skills