Principal Security Risk

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start **Caring. Connecting. Growing together.**

**Primary Responsibility**:
***SCA is seeking a SIEM Analyst with in-depth expertise in monitoring and analyzing security events and alerts from Elastic SIEM, Office 365, and Microsoft Defender. The SIEM Analyst will be responsible for after-hours monitoring and ensuring timely detection and response to security incidents.
This position is primarily responsible for:

- Continuously monitoring Elastic SIEM for security events and alerts.
- Reviewing Microsoft Defender alerts for malicious activities and potential breaches.
- Investigating and responding to security incidents in a timely manner.
- Documenting and escalating incidents as necessary according to the incident response plan.
- Collaborating with the incident response team to mitigate and resolve security threats.
- Proactively identifying and analyzing emerging threats and vulnerabilities.
- Conducting threat hunting activities to detect unknown or suspicious activities within the environment.
- Developing and maintaining scripts to automate repetitive monitoring and response tasks.
- Utilizing tools and APIs to integrate and enhance security monitoring capabilities.
- Maintaining detailed documentation of incidents, investigations, and response actions.
- Preparing and presenting reports on security incidents and trends to management.
- Continuous Improvement:

- Keeping up to date with the latest security trends, threats, and technologies.
- Providing recommendations for improving security monitoring and response processes
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

**Required Qualifications**:

- Experience with Elastic SIEM, Office 365 security tools, and Microsoft Defender.
- Strong understanding of cybersecurity principles and incident response methodologies.
- Proficiency in scripting languages such as Python or PowerShell.
- Familiarity with API integrations and automation tools.
- Excellent analytical and problem-solving skills.
- Strong communication and documentation abilities.
- Ability to work independently and handle after-hours monitoring responsibilities.
- At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission._