Info Security Engineering Consultant – SIEM/SIR

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together

This role is analyst(s) for the Security Incident Response Team.  We require solid individual contributors that will investigate, analyze, and contain security incidents.

Primary Responsibilities:

• Manage security events and incidents via all intake mechanisms
• Provide security consultation to IT and business
• Security Incident management
• Remediate security control gaps
• Accomplish security related project goals identified via security events
• Participate in escalated events and manage security incident War Rooms
• Improve process and intake taxonomy
• Promote teamwork across the broader Optum Connect SecOps Team
• Participate in documentation review and continuous operational improvement
• Understand and respond to security alerts
• Able to collaborate with different security teams/non-security teams and acquired entities for remediation and containment
• To conduct and run Tabletop Exercises and document the process gaps
• Work on complete eradication of security incident
• Work with Security engineering team to build in security functionalities and to recognize next steps out of security incidents
• To conduct Lesson learned and post incident review activities
• To collaborate with Security Engineering team for fine tuning of use cases and security sensors
• To work on cloud security incidents (Azure, AWS and GCP) and should be well versed in cloud technologies and environment
• To understand, remediate and involve teams to patch vulnerabilities
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

Required Qualifications:

• 5+ years experience in SIEM and log analysis
• 5+ years experience in Security Incident Response
• 4+ years experience in working on security sensors which includes proxy, email gateway, Anti-Virus and DLP
• Good experience in Client/vendor interaction
• Experience in handling major security breaches
• Good understanding of risk acceptance & risk exceptions
• Incident management exposer
• Solid planning and problem-solving skills
• Security Certification such as Security+, CEH, CISSP, AZ900, AWS
• Good knowledge of Security incident response process
• Good knowledge in Vulnerability management process
• Clear understanding on different attack vectors, malwares, OWASP 10 and other attack surfaces
• Good understanding on ITIL framework like Incident, Change, Problem

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone – of every race, gender, sexuality, age, location and income – deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes – an enterprise priority reflected in our mission.