Join UnitedHealth Group's Enterprise Information Security (EIS) organization if you want to be the first line of defense securing the largest healthcare company in the world against security threats. We are focused on transformation by strengthening our cyber defenses and ransomware resiliency, mitigating vulnerabilities, and better securing all aspects of our company, globally. We are vigilant and passionate about protecting the sensitive data of our members and providers and are committed to leveraging every tool, partnership and process needed to enhance our security posture. It is our duty to protect the information of those we serve and help fulfill our mission of making the health care system work better for everyone.

The primary mission of the Cyber Threat Hunting team is to proactively identify tactics and techniques leveraged by attackers to identify security incidents. Additionally, this position is also expected to participate in other areas within Cyber Defense Operations such as Digital Forensics, detection engineering, Hunt Plan development, etc. The Senior Threat Analyst will serve as a Subject Matter Expert (SME) in multiple areas of Incident Response and Security Operations.

You will enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges.

Primary Responsibilities:

This person will be the senior analyst on the Cyber Threat Hunting team at United Healthcare. The candidate will be responsible for providing expert level:

- Analysis of network data (packets, logs) and endpoint data (logs, malicious artifacts) in both structured and unstructured methods
- Analysis of malware (executables, scripts, etc.) to determine indicators of compromise, and create signatures for future detection of similar samples
- Creating Threat Hunting Playbooks and Use Cases to proactively identify threats affecting UHG networks
- Participate in exercises to simulate attacks and determine responsiveness of processes and procedures
- Creating a feedback loop with security control owners to help tune systems based on the results of investigations
- Acting as a high tier escalation point for security incidents to provide technical expertise to the incident response process
- Develop content within tools to detect anomalous activity (SIEM Content, Custom Signatures, etc.)
- Identify and understand new environments and tooling

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

5+ years of Cyber Security experience which includes the following:

- Fundamental understanding of application protocols (DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP, ICMP, etc.), and be comfortable analyzing packet capture (pcap) files in tools such as Wireshark
- Fundamental understanding of digital forensics as applied to host-based forensics, memory forensics, network forensics, and cloud forensics
- Knowledge of operating system internals (virtual memory, paging, etc.) and techniques employed by malware to evade detection
- Experience in Threat Hunting and/or Reverse Engineering malware
- Translate complex technical concepts into plain English for consumption by non-technical audiences

Preferred Qualifications:

- Industry certifications such as CISSP or GCIH
- Undergraduate degree

*All Telecommuters will be required to adhere to UnitedHealth Group's Telecommuter Policy.

California, Colorado, Nevada, Connecticut, New York, New Jersey, Rhode Island, Hawaii, Washington, or Washington, D.C. Residents Only: The hourly range for California, Colorado, Nevada, Connecticut, New York, New Jersey, Rhode Island, Hawaii, Washington or Washington, D.C. residents is $88,000 to $173,200 per year. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. UnitedHealth Group complies with all minimum wage laws as applicable. In addition to your salary, UnitedHealth Group offers benefits such as a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you'll find a far-reaching choice of benefits and incentives.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location, and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups, and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes, an enterprise priority reflected in our mission.

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.