As a Cybersecurity Incident Response Lead, you will serve as a senior individual contributor within IQVIA’s Cybersecurity organization, leading complex digital forensics and incident response activities across a global, follow‑the‑sun operating model. Acting as a primary backup to the Incident Response Leader, you will coordinate high‑impact investigations and drive executive‑level communications. You will collaborate closely with Legal, Data Privacy, and senior business stakeholders to manage major cybersecurity incidents, deliver clear and timely updates, and strengthen the overall maturity and resilience of IQVIA’s security posture. If you are an experienced incident responder who thrives on leading complex investigations and communicating confidently with senior stakeholders, this could be the role for you. Read on to see how you can make an immediate impact within our Cybersecurity team. Responsibilities: Support and enhance the global Information Security Incident Response process in partnership with internal and external stakeholders Lead complex cybersecurity investigations, delivering clear summary reports and timely stakeholder updates Communicate incident findings and recommended actions to senior stakeholders, including Legal and Data Privacy Identify, propose, and implement improvements to technical security controls, systems, and processes Contribute to the development and documentation of operational procedures, playbooks, and performance metrics Analyze outputs from security tools (e.g., vulnerability assessments, threat intelligence) and produce insights to strengthen security safeguards Provide expert analysis across incident detection, response, containment, recovery, and post‑incident review Operate and optimize key security technologies including firewalls, EDR, IPS, malware prevention, DLP, vulnerability management, access control, and event monitoring Experience, Qualifications and Skills:

• Own the strategy and maturity roadmap for corporate monitoring, detection engineering, and operational security metrics. Define logging standards, detection coverage expectations, and measurable performance indicators for the team. • Lead and develop Corporate Security Operations Analysts and the Corporate Threat Hunter & Detection Analyst through coaching, clear performance expectations, and structured feedback. Remove blockers, improve workflows, and ensure the team is focused on high-impact work. • Continuously improve alert quality, detection coverage, triage workflows, and operational automation. Reduce false positives, strengthen telemetry visibility across corporate SaaS and infrastructure, and ensure monitoring outputs are accurate and defensible. • Partner with Security Engineering, IT, Compliance, and leadership to ensure monitoring supports configuration baselines, vulnerability management efforts, and regulatory commitments. Provide clear, actionable insight during investigations and ongoing risk discussions. • Establish consistent operational rhythms for reporting, detection reviews, and after-action analysis. Maintain structured documentation, metric reporting, and continuous improvement processes that strengthen operational maturity over time.

Requisition Number: 2343049 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The Associate Director, Corporate Security Field Safety will report to the Senior Director Corporate Security, Technology and Enablement, and is critical to supporting the safety and security of our workforce, with a specific focus on employees who operate outside of a traditional office environment. As a part of the Corporate Security Operations team, you will be partnering with internal security teams as well as business units within Optum and UHC to provide employee safety programs and tools. You'll have the opportunity to work with and lead different technological solutions to creatively address safety concerns and issues faced by UHG employees. This role combines analytical, organizational, and leadership skills to oversee strategic projects and cultivate an environment of urgency, commitment, and innovation. Success of this role will entail the ability to create and execute a strategy to bring all business entities along on the safety central program. This will require strong program management skills as well as building strong trusted relationships across the organization, while optimizing business collaboration by bringing to life a strategy of continuous improvement. You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week. Primary Responsibilities: Strategic Leadership & Vision Collaborate with stakeholders to articulate the value and importance of safety programs for staff Evaluate solutions strategically, ensuring seamless integration and balancing value against cost throughout development Lead strategy and readiness for expansion into additional lines of business, factoring in specific product or workforce differences Serve as a Safety and Security champion and apply deep expertise to credibly represent, manage and engage with business(es) Ability to influence without authority to gain support and buy-in for implementation of safety solutions and programming Driving design strategies & evolve roadmap to ensure continuous innovation and improvement of safety program offerings Operations & Governance Oversee operations and manage ongoing performance of incident assessment program for safety issues, concerns, and escalations experienced by patient-facing staff. Act as business owner for program application technology, maintaining roadmap and enhancement backlog, provide requirement and solutioning support, and managing issue and defect remediation in partnership with development and operations teams Required Qualifications: 10+ years of relevant security experience 5+ years of project management experience with a proven track record in managing large scale complex programs Proven experience in program strategy or capability management Demonstrated communication skills and experience communicating at Leadership levels Demonstrated ability to engage team members in a cross-functional, virtual environment Ability to influence results without direct authority in a matrixed environment Proficient in MS Office Suite (Project, Excel, Visio, PowerPoint, SharePoint, Smartsheet) Demonstrated ability leading direct reports Preferred Qualifications: Certifications: Six Sigma Black or Green Belt Experience with mergers and acquisitions Familiarity with Security technology, asset protection, or loss prevention experience *All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700 to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.

• Design and continuously improve detection and alerting controls, ensuring high fidelity and contextual relevance to reduce noise and enable rapid response. • Build, test, and automate incident response playbooks and runbooks, increasing efficiency and consistency across the incident lifecycle. • Drive prioritization of alerts using a data-driven, scalable triage framework, aligned with business impact and threat context. • Lead in-depth investigations, including root cause analysis and digital forensics, and convert findings into actionable insights to strengthen detection and resilience. • Proactively engage in threat intelligence and threat hunting, identifying new tactics, techniques, and procedures (TTPs), enriching existing controls, and feeding insights into the detection pipeline. • Own incident handling from detection to resolution, collaborating with engineering, IT, and business teams to contain, eradicate, and recover from threats. • Define and maintain operational metrics for incident response, using them to drive continuous improvement in speed, accuracy, and organizational readiness.