Strategic Cyber Threat Analyst - Remote or Hybrid from MN or DC

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

Join UnitedHealth Group if you want to be the first-line defense against securing the largest healthcare company in the world against security threats. We are focused on transformation by strengthening our cyber defenses, ransomware resiliency, mitigating vulnerabilities, and better securing all aspects of our company, globally. We are vigilant and passionate about protecting the sensitive data of our members and providers and are committed to leveraging every tool, partnership, and process needed to enhance our security posture. It is our duty to protect the information of those we serve and help fulfill our mission of making the health care system work better for everyone.  

As a Senior Cybersecurity Analyst on the Strategic Team within the Cyber Threat Intelligence Team, you will inform senior leadership and security teams about major cyber threats, trends, and key cybersecurity developments. Your experience in intelligence will support a variety of cross-cutting CTI projects, and your ability to effectively analyze and distill large datasets to draw out relevant trends and highlight risks to the organization is essential  provide timely, relevant, and actionable analysis to our stakeholders. Experience in cyber intelligence, threat landscape, and actor knowledge, combined with experience using intelligence platforms, performing trend and risk analysis, and writing clear, concise strategic reports are all key to success in this role.

You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

Primary Responsibilities:

• Monitor threat landscape to identify new trends and risks facing the industry, and tactics, techniques, and procedures employed by threat actors
• Manage intelligence requirements from internal stakeholders across operations, engineering, risk management, leadership, and others, soliciting feedback to continually drive improvements
• Provide relevant, timely, and actionable cyber threat analysis and support to senior leadership, requiring the ability to convey key assessments for both technical and non-technical audiences
• Perform research and collection across the intelligence spectrum to support requests for information from internal stakeholders and teams
• Conduct trending and correlation analysis across threat intelligence data to establish patterns, and identify proactive mitigations and countermeasures
• Develop threat intelligence reporting based on research and analysis on both a regular cadence and ad hoc as needed
• Develop, manage, optimize, and continuously improve processes to enhance the overall cyber threat intelligence function
• Identify and track threats targeting the organization and industry
• Support the broader enterprise during incidents and other threat monitoring activities providing intelligence context, expertise, and remediation recommendations
• Maintain relationships with external partners and other healthcare organizations
• Serve as a mentor to other intelligence analysts and facilitate collaboration on the team
• Independently run programs and projects on the team

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:

• 5+ years of combined experience in at least four of the following:
  • Experience using structured analytic techniques to help develop sound analytic conclusions
  • Experience using threat intelligence platforms and associated threat feeds, and collecting, analyzing, interpreting, and reporting threat data, with a focus on relevant geopolitical, industry, and business context
  • Experience mentoring and supporting junior analysts on analyzing and conveying cyber-related threats and risks to senior executives  
  • Analyzing, tracking, and reporting of cyber threats to industry, threat actors, and associated TTPs
  • Using the Diamond Model for Intrusion Analysis to cluster, track, and group threat activities. Using the Lockheed Martin Cyber Kill Chain to depict and analyze discreet phases of adversary operations. And using the MITRE ATT&CK framework of adversary operational TTP's to identify and categorize threat actor activity
  • Identifying connections between adversary tools, infrastructure, personas, and suspected affiliations using link analysis models
  • Open and/or closed source intelligence gathering methods and processes
• 5+ years of Cybersecurity experience
• Experience writing concise, informed strategic cyber threat intelligence reports for a range of audiences, including senior executives and both technical and non-technical stakeholders
• Experience briefing strategic cyber threat intelligence and trend analysis for a range of audiences, including senior executives and both technical and non-technical stakeholders

Preferred Qualifications:

• Security related certificates, such as: GCTI, CISSP, GPEN, GCIH, GREM
• Experience in a government or military intelligence agency
• Knowledge of various APT, cybercrime, and other advanced threat actors
• Knowledge of common intrusion tactics, techniques, and countermeasures
• Deep understanding of the current threat landscape and associated risks
• Understanding of conventions and models for intelligence attribution and intrusion clustering
• Proven threat concepts and frameworks (CVSS, CVE, MITRE ATT&CK, STIX/TAXII, YARA, FAIR)
• Proven ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations
• Proven ability to effectively present information and respond to questions from groups of employees, managers, clients, and customers
• Proven ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form

*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy

Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $91,700 to $163,700 annually based on full-time employment. We comply with all minimum wage laws as applicable.

Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.