Website: United HealthCare
The Cyber Defense Operations (CDO) team has identified an opportunity to significantly enhance the effectiveness of our current cyber defense posture. The value proposition centers on developing a holistic cyber defense model that aligns and integrates key technical resources, security functions and related processes. We are creating a state-of-the-art, centralized cyber defense operating model that will manage security threats across the enterprise effectively and consistently.
Responsibilities:
- Escalate issues to the Director and to other Cyber Defense and Enterprise Information Security (EIS) teams
- Maintain knowledge of our security controls and tools used to identify and analyze potential threats
- Work on complex tasks assigned by leadership, which may involve coordination of effort among multiple teams
- Assist with investigations and escalation for complex or high severity security threats or incidents
- Work with Cyber Defense Engineering and other security teams to develop and tune correlation rules
- Ensure shift coverage for global 24/7 SOC capability in coordination with the SOC Leadership team
- Manage a team of analysts charged with threat monitoring, content development, and incident response support; serve as an escalation resource and mentor for SOC analysts
- Author and coordinate security status reports that provide system status, report potential and actual security violations, and provide procedural recommendations
- Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program
- Review security incidents and reports produced by the team to maintain quality and consistency
Qualification & Experience:
- Experience leading teams and managing others, with HR accountabilities
- Advanced knowledge of, and expertise in, Security Operations Center management and Incident Response
- Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats
- 6 or more years of technical experience in Information Security and/or Cybersecurity
- Practical knowledge of Internet protocols, firewalls, load balancers, routers, switches, and intrusion detection/prevention systems (IDS/IPS)
- Advanced SIEM analysis and Incident Response
- College degree in a related field or equivalent work experience
- Advanced knowledge of the threat landscape, malware, attack techniques, and indicators
- Moderate knowledge of Cloud, Firewall, Proxy, or DLP technology
- Moderate knowledge of network or endpoint forensics
- Security Certifications: GIAC (SANS), ISC2, CompTIA, EC-Council, ISACA, CSA
Company: United HealthCare
Vacancy Type: Full Time
Job Location: Winston-Salem, NC, US
Application Deadline: N/A