Use your skills, experience and talents as a part of a groundbreaking, forward thinking, visionary cyber security operation.This position processes vulnerability and threat data from a variety of sources to provide actionable intelligence to internal consumers. These consumers use the information to implement countermeasures and maintain and enhance the defenses for our information systems and resources. In this important position, you will keep it possible for the organization to defend its assets with clear vision and situational awareness in a persistent, dynamic, and highly complex threat environment.

Will work on the Data Utilization team as a Sr. SecOps Engineer, on a set (5x8 day) shift plus additional time (as required).

Primary Responsibilities:

• Create, optimize, maintain, and document security content on SIEM platforms
• Design new detection techniques and improve current capabilities
• Identify gaps within existing security tools and recommend additional mitigations
• Contribute to large security projects and initiatives in a partnership role across multiple lines of service and business units.
• Analyze security logs, monitoring logs, firewall logs, intrusion prevention system logs, and network and correlate logs using numerous database query techniques and tools
• Demonstrated experience working with network, host, and user activity data, assessing norms and identifying anomalies
• Create process to baseline and normalize log data across corporate networks
• Develop, deploy, filter, and maintain detection rules for alerting
• Drive onboarding of new logs into SIEM/Log collection tools
• Be able to work on-call rotations in a 24/7/365 environment
• Work with the security team to create reports and analyze data to effectively present the current security environment
• Stay abreast of the latest monitoring technology and trends
  
  

• 5 or more years IT security work experience
• Maintains technical knowledge within areas of expertise
• Stays current with new and evolving technologies via formal training and self-directed education
• 3 or moreyears of working experience with large SIEM environment
• Working experience with log collection and SIEM platforms
• Working experience with SIEM use case/content creation
• Strong knowledge of host and network forensic tools and techniques
• Working knowledge of threat actors, TTP'S, IOC's

Preferred:

• Working experience with data collection and normalization concepts
• Proficiency in one or more scripting languages: javascript, python, PowerShell is preferred
• Strong knowledge of information security and networking
• Experience with malware analysis and understanding of attack techniques
• Experience interpreting, searching, and manipulating data within enterprise logging/SIEM solutions
• Working knowledge of Cloud technologies
• At least one of the following certifications or equivalent experience: GCFA, GCIH, GCIA, GPEN, CEH, CISSP, CISM, CCNA and/or CISA certification
• BA/BS or equivalent experience information security or computer sciences
  
  

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work.^SM

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.