Principal Cybersecurity Analyst

$104,700 - $190,400/Yr

UnitedHealth Group - Minnetonka, MN

posted 4 months ago

Full-time - Principal
Remote - Minnetonka, MN
Insurance Carriers and Related Activities

About the position

Optum is a global organization that delivers care, aided by technology, to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.

Join UnitedHealth Group's Enterprise Information Security (EIS) organization if you want to be the first line of defense in securing the largest healthcare company in the world against security threats. We are focused on transformation by strengthening our cyber defenses and ransomware resiliency, mitigating vulnerabilities, and better securing all aspects of our company, globally. We are vigilant and passionate about protecting the sensitive data of our members and providers and are committed to leveraging every tool, partnership and process needed to enhance our security posture. It is our duty to protect the information of those we serve and help fulfill our mission of making the health care system work better for everyone. You'll enjoy the flexibility to telecommute from anywhere within the U.S. as you take on some tough challenges.

Responsibilities

  • Identify and track threat campaigns targeting the organization
  • Able to communicate, identify and track cyber threat campaigns targeting the organization
  • Monitor threat landscape to identify new tactics, techniques and procedures employed by threat actors and update associated profiles
  • Analyze threats to identify artifacts, behaviors and indicators
  • Manage intelligence requirements from internal stakeholders across operations, engineering, risk management and others, soliciting feedback to continually drive improvements
  • Perform research and collection across the intelligence spectrum to support requests for information from internal teams
  • Develop threat intelligence reporting based on research and analysis
  • Develop, manage, optimize and continuously improve processes to enhance the overall cyber threat intelligence function
  • Support Cyber Defense and Engineering teams during incidents and other threat monitoring activities providing intelligence context, remediation recommendations and expertise
  • Maintain relationships with external partners such as the FBI, DHS, NH-ISAC, and other healthcare organizations
  • Serve as mentor to other intelligence analysts and an escalation point for analysis related events

Requirements

  • Bachelor's degree (or higher) OR 5+ years of Cybersecurity experience
  • 5+ years of combined experience in operational security techniques for conducting online research and analysis
  • Analyzing, tracking, and reporting of common threats and malware
  • Analyzing, tracking, and reporting of advanced threat actor groups and associated TTPs
  • Using the Diamond Model for Intrusion Analysis to cluster, track, and group threat activities
  • Lockheed Martin Cyber Kill Chain to depict and analyze discrete phases of adversary operations
  • MITRE ATT&CK framework of adversary operational TTPs
  • Identifying connections between adversary tools, infrastructure, personas, and suspected affiliations using link analysis models
  • Open and/or closed source intelligence gathering methods and processes
  • 5+ years of experience managing threat intelligence platforms and associated threat feeds coupled with collecting, analyzing, interpreting, and reporting threat data
  • 5+ years of experience independently leading multiple enterprise security projects
  • 4+ years of experience with security technologies such as SIEM, IDS/IPS, Snort, Suricata, Bro, etc.
  • 2+ years of working with Linux, OS X, UNIX, and Windows operating systems
  • 2+ years of experience mentoring and supporting junior analysts

Nice-to-haves

  • Security related certificates, such as: CISSP, GPEN, GCIH, GREM, GCTI
  • Knowledge of cyber threat models such as the Diamond Model of Intrusion Analysis and Cyber Kill Chain
  • Knowledge of various APT, cybercrime and other advanced threat actors
  • Deep understanding of the current threat landscape and associated risks
  • Understanding of conventions and models for intelligence attribution and intrusion clustering
  • Knowledge of common intrusion tactics, techniques, and countermeasures
  • Threat concepts and frameworks (CVSS, CVE, MITRE ATT&CK, STIX/TAXII, YARA, FAIR)
  • Experience with security technologies such as firewalls, email inspection and sandboxing, intrusion detection and prevention systems, endpoint detection and response
  • Experience with netflow data, network traffic and packet capture analysis
  • Ability to write reports, business correspondence and procedure manuals
  • Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations
  • Ability to effectively present information and respond to questions from groups of employees, managers, clients, and customers
  • Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form

Benefits

  • Comprehensive benefits package
  • Incentive and recognition programs
  • Equity stock purchase
  • 401k contribution