UnitedHealth Group is a healthcare and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of
Principal Information Security Engineer
Location
United States
Posted
46 days ago
Salary
$112K - $193K / year
Seniority
Lead
Job Description
Principal Information Security Engineer
UnitedHealth Group
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. You will enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges. Primary Responsibilities: - Serve as the functional subject matter expert for the Palo Alto Networks firewall and firewall policies - Making critical decisions on enterprise security policies - Utilizing the security monitoring tools to support audits (Ex: AlgoSec, Firemon) - Reporting and reviewing the compliance status and taking remediation actions - Determine the severity and complexity of issues pertaining to the security and protection of systems data, (autonomously or as part of a team) to ensure the protection, conservation and accountability of proprietary, personal, or privileged electronic data - Collaborate with directors, managers, and other technical personnel to ensure mitigation of security risks pertaining to the company - Evaluates and develops secure solutions, based on approved security architectures and standards - Promote continued integration of technological advances to further enhance security and reduce risks - Consults on various projects regarding secure design standards and security information management - Develop and direct implementation of security standards and best practices for the organization - Evaluates analysis of suggested solutions and innovative approaches to complex issues, as well as complex conceptual analysis, ensuring implementation - Plans, conducts, and responds to internal and external cyber security audits and questionnaires; interprets and documents audit results; recommends and implements corrective actions - Participate with cyber security analysts and architects, providing guidance and expertise in incident/issue response and resolution methodology - Defines, implements, audits, and maintains firewall security policies - Promote the development of innovative approaches and solutions to complex problems and issues - Works on highly complex projects and tasks that require in-depth knowledge of one or more specialized architecture areas such as security, applications, information, solution and business - Serve in a supervisory capacity, provide lead direction, ensuring the formulation and implementation of procedures and systems You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear directions on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: - Associate’s degree - 7+ years of experience with Palo Alto Firewall - 5+ years of Cloud Security experience - 5+ years of Security Architect experience - 5+ years of Firewall rule/policy compliance and governance experience - 5+ years of Firewall rule analysis and remediation experience - 5+ years of communication skills with team and customer engagement Preferred Qualifications: - Splunk experience - AlgoSec experience - Leadership skills - Basic coding capabilities Soft Skills: - Team player *All Telecommuters will be required to adhere to UnitedHealth Group’s Telecommuter Policy. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700 to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location, and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups, and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment. #RPO #GREEN
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Corporate Security Engineer
NexthinkUnparalleled Visibility Into Issue Detection, Diagnosis, and Remediation
• As a Senior Corporate Security Engineer at Nexthink, you will be responsible for the security of our internal environment. • You will be architecting the security fabric that enables our rapid growth. • Working in close partnership with IT, business teams and partnering with our Cloud and Application Security teams, you will secure the identity, devices, and applications used by "Nexthinkers" worldwide. • You will own the security of a complex SaaS ecosystem, and lead detection and response for the corporate environment. • Contribute to the design and support the implementation of passwordless authentication and Zero Trust principles. • Manage secure provisioning and lifecycle management, ensuring least-privilege access across all business systems. • Define and enforce security baselines for our diverse fleet of endpoints (Windows, macOS) and mobile devices via MDM (Intune/Jamf). • Proactively identify and mitigate security risks in our corporate environment, conducting regular security assessments and vulnerability scans. • Lead incident response activities for corporate security events (phishing, malware, lost devices).
Senior Corporate Security Engineer
NexthinkUnparalleled Visibility Into Issue Detection, Diagnosis, and Remediation
• Identity-Centric Security Architecture: Contribute to the design and support the implementation of passwordless authentication and Zero Trust principles. • Manage secure provisioning and lifecycle management, ensuring least-privilege access across all business systems. • Partner with HR and IT to streamline onboarding/offboarding workflows, ensuring timely access revocation and auditability. • Define and enforce security baselines for our diverse fleet of endpoints (Windows, macOS) and mobile devices via MDM (Intune/Jamf). • Manage and tune EDR/XDR solutions to ensure high-fidelity detection on workstations and servers (Windows, Linux, macOS). • Proactively identify and mitigate security risks in our corporate environment, conducting regular security assessments & vulnerability scans. • Lead incident response activities for corporate security events (phishing, malware, lost devices). • Develop automation scripts (Python/PowerShell) and workflows (SOAR) to automate manual security tasks, evidence collection, and response actions.
Senior Corporate Security Engineer
NexthinkUnparalleled Visibility Into Issue Detection, Diagnosis, and Remediation
• Identity-Centric Security Architecture: Contribute to the design and support the implementation of passwordless authentication and Zero Trust principles. • Manage secure provisioning and lifecycle management, ensuring least-privilege access across all business systems. • Partner with HR and IT to streamline onboarding/offboarding workflows, ensuring timely access revocation and auditability. • Define and enforce security baselines for our diverse fleet of endpoints (Windows, macOS) and mobile devices via MDM (Intune/Jamf). • Manage and tune EDR/XDR solutions to ensure high-fidelity detection on workstations and servers (Windows, Linux, macOS). • Secure the corporate Azure footprint, ensuring proper configuration of subscriptions, networking, and resources distinct from our production product environment. • Proactively identify and mitigate security risks in our corporate environment, conducting regular security assessments and vulnerability scans. • Coordinate vulnerability management and patch management. • Collaborate with IT to automate endpoint compliance checks and remediation workflows. • Support the development and maintenance of Infrastructure-as-Code. • Ensure hardening and compliance of endpoints and servers. • SaaS Security & Integration: Assess and secure third-party SaaS integrations (e.g., Salesforce apps, browser extensions, productivity tools) to prevent data leakage and over-privileged access. • Collaborate with Legal and Compliance to vet new vendors and tools. • Configure and maintain CASB and DLP policies to safeguard sensitive corporate data without hindering productivity. • Lead incident response activities for corporate security events (phishing, malware, lost devices). • Develop automation scripts (Python/PowerShell) and workflows (SOAR) to automate manual security tasks, evidence collection, and response actions. • Proactively hunt for threats within the corporate network and identity providers. • Develop incident response playbooks including technology specific procedures and forensics collection. • Design and implement security controls to safeguard corporate resources, including endpoints, data storage, networking, computing and identity and access management. • Support and automate evidence collection for audits. • Act as the primary security liaison to the IT Department and business teams, helping them build security into their operations (DevSecOps for IT). • Design and deliver technical security training and awareness campaigns for engineering and business teams.
• Lead the implementation, assessment, and continuous improvement of security controls aligned with NIST SP 800-171 and CMMC 2.0, ensuring organizational readiness for Level 2 certification. • Own and maintain the System Security Plan (SSP), Plans of Action and Milestones (POA&M), security policies, procedures, and compliance documentation. • Map and protect Controlled Unclassified Information (CUI) throughout its lifecycle, including data flows across engineering design (CAD/CAM), procurement, quality, manufacturing, and external suppliers. • Serve as the primary liaison for CMMC assessments, including coordination with C3PAOs, audit preparation, artifact management, and remediation tracking. • Implement and monitor security controls across both IT and OT environments, including identity and access management, multi-factor authentication, encryption, endpoint detection and response (EDR), SIEM, firewalls, and network segmentation. • Conduct vulnerability scanning, risk assessments, and gap analyses against NIST SP 800-171 controls, prioritizing mitigation efforts based on operational and contractual risk. • Lead cyber incident response activities, including documentation and reporting of incidents impacting CUI within required DFARS timelines (e.g., 72-hour reporting). • Partner cross-functionally with engineering, operations, quality, and leadership to embed cybersecurity into product development and manufacturing processes. • Oversee relationships with managed service providers (MSPs), cloud providers, and external security vendors to ensure secure configurations and regulatory compliance. • Develop and deliver practical cybersecurity training tailored to aerospace manufacturing personnel, including phishing awareness, secure technical data handling, and CUI best practices. • Establish compliance dashboards and executive reporting mechanisms to provide visibility into security posture and remediation progress. • Support and secure cloud environments, including Microsoft GCC High or Azure Government, where applicable.
