Principal Reverse Engineer – Remote

UnitedHealth Group is a health care and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of two distinct and complementary businesses, UnitedHealthcare and Optum, working to build a better health system for all. Here, your contributions matter as they will help transform health care for years to come. Make an impact with a diverse team that shares your passion for helping others. Join us to start Caring. Connecting. Growing together.

Join UnitedHealth Groups Enterprise Information Security (EIS) organization if you want to be the first-line defense against securing the largest healthcare company in the world against security threats.  We are focused on transformation by strengthening our cyber defenses, ransomware resiliency, mitigating vulnerabilities, and better securing all aspects of our company, globally.  We are vigilant and passionate about protecting the sensitive data of our members and providers and are committed to leveraging every tool, partnership and process needed to enhance our security posture.  It is our duty to protect the information of those we serve and help fulfill our mission of making the health care system work better for everyone. 

The Principal Reverse Engineer will join the Reverse Engineering unit, which is part of our Cyber Threat Intelligence Team and involved in the body of technologies, processes, and practices designed to protect and defend networks, computers, programs, and data from attack, damage, theft, or unauthorized access, including firewall, digital forensics, investigative services, and incident management.

You’ll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. 

Primary Responsibilities:

• Perform dynamic and static malware analysis using non-automated sandboxes
• Contribute to the internal reverse engineering playbooks
• Design and assess procedures for effective malware analysis
• Monitor threat feeds for relevant information
• Monitor threat landscape to identify new tactics, techniques and procedures employed by threat actors and update associated profiles
• Manage intelligence requirements from internal stakeholders across operations, engineering, risk management and others, soliciting feedback to continually drive improvements
• Perform research and collection across the intelligence spectrum to support requests for information from internal teams
• Contribute to threat intelligence reports regarding current activities
• Develop, manage, optimize and continuously improve processes to enhance the overall cyber threat intelligence function
• Support Incident Response and Engineering teams during incidents and other threat monitoring activities providing intelligence context, remediation recommendations and expertise
• Maintain relationships with external partners such as the FBI, DHS, NH-ISAC, and other healthcare organizations

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 5+ years of combined experience in the following:
  • Operational security techniques for techniques for conducting online research and analysis
  • Analyzing, tracking, and reporting of common threats and malware
  • Analyzing, tracking, and reporting of advanced threat actor groups and associated TTPs
  • Using the Diamond Model for Intrusion Analysis to cluster, track, and group threat activities
  • Lockheed Martin Cyber Kill Chain to depict and analyze discreet phases of adversary operations
  • MITRE ATT&CK framework of adversary operational TTP’s
  • Identifying connections between adversary tools, infrastructure, personas, and suspected affiliations using link analysis models. 5+ years of experience managing threat intelligence
  • platforms and associated threat feeds coupled with collecting, analyzing, interpreting, and reporting threat data
• 5+ years of hands on experience performing dynamic malware analysis
• 5+ years working with Linux, OS X, UNIX, and Windows operating systems
• 5+ years of experience utilizing decompilers such as Ghidra, IDA Pro, or Binary Ninja
• 5+ years of experience with security technologies such as Sysmon, Procmon, FlareVM toolset, etc.
• 2+ years of experience mentoring and supporting junior analysts 

Preferred Qualifications:

• Bachelor’s degree 
• GIAC Reverse Engineering Malware Certification (GREM) or other related certifications

*All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy 

The salary range for this role is $106,800 to $194,200 annually based on full-time employment. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. UnitedHealth Group complies with all minimum wage laws as applicable. In addition to your salary, UnitedHealth Group offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you’ll find a far-reaching choice of benefits and incentives.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug – free workplace. Candidates are required to pass a drug test before beginning employment.