UnitedHealth Group IT Associate Cybersecurity Analyst (Night Shift) Chaska, MN or Raleigh, NC in Chaska, Minnesota

The Cyber Security Analysts support information security policies, standards and procedures to secure and protect data residing on systems. Work directly with user departments to implement procedures and systems for the protection, conservation and accountability of proprietary, personal or privileged electronic data. Generally work is self-directed and not prescribed. Works with less structured, more complex issues. Summary: The SOC Cyber Security Analyst is part of a 24x7 team equipped with unique expertise and tools to monitor, triage, analyze, escalate and remediate potential threats and vulnerabilities.

Positions in this function are involved in the body of technologies, processes, and practices designed to protect and defend networks, computers, programs, and data from attack, damage, theft, or unauthorized access, including firewall, digital forensics, investigative services, and incident management.

Please note, this position is based in Chaska, MN or Raleigh, NC and is not a telecommute role. The work days are Monday, Tuesday, Wednesday and Thursday overnight, 10:00 PM to 8:00 AM (four 10-hour shifts).

Job Responsibilities

  • Perform incident response, with a primary focus of eliminating the threat to the network and determining the cause of the security incident while preserving evidence for further analysis

  • Ensure incidents are handled in a manner that is consistent with established playbooks

  • Monitors SIEM and logging for alerts of potential network threats, intrusions, and/or compromises

  • Responsible for understanding the global threat environment and general security best practices

  • Assists with triage of service requests from automated sensors and internal requests for assistance

  • Participates in active cyber hunting to identify and eliminate known and unknown network threats

  • Interface with technical personnel from various disciplines to rapidly resolve critical issues

  • Appropriately inform and advise leadership of incidents and propose effective response and/or countermeasures for containment.

  • Participate in knowledge sharing with other security engineers and partners.

  • Identify, document, and recommend new or revised incident response playbooks

  • Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission

  • Create and drive action plans to address recurring or ongoing information security incidents.

  • Develop and maintain reporting metrics used to measure team performance, ensure analyst adherence to processes/procedures for operational consistency, identify process improvements, coaching, training and professional development of the staff.

  • Participate in the planning and implementation of information security technology projects. Serve as point-person and subject matter expert for issues and projects related to Cyber Security Counter Threat Operations.

  • Collaboration as appropriate with leadership and other key stakeholders

Required:

  • Knowledge of industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.)

  • BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience

  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and adaptive learning

  • Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)

  • Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work)

Preferred:

  • Experience with network monitoring in a SOC environment

  • Security certifications (e.g. Security+, GCIA, GCIH, CEH, CFCE, OSCP, etc.)

  • Experience and knowledge conducting cyber threat analysis originating from phishing emails

  • Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms

  • Effective organizational, analytical and independent problem-solving skills

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work.℠

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.