Art of the possible.
Cloud Security Analyst
Location
United States
Posted
2 days ago
Salary
$98.0K - $120.8K / year
Seniority
Senior
Job Description
Cloud Security Analyst
General Dynamics Information Technology
- Write documentation required for Authority to Operate (ATO)
- Support performance scans, analyze logs, monitor and report vulnerabilities
- Investigate and analyze issues and incidents
- Development of cybersecurity architecture
- Provide programming services for specific systems and applications
- Participate in systems analysis, design definition, software development, systems test, implementation, and maintenance
- Analyze coding problems and develop improvements to procedures
- Design, develop, troubleshoot, debug, and implement software code
Job Requirements
- 5+ years of related experience in IT system engineering
- Bachelor's degree in Computer Science, Software Engineering, or related field
- Experience using tools to detect cloud-based security issues (1-2+ Years of experience)
- Experience with AWS Security Hub, SAST, and DevSecOps scanning tools (1-2+ Years of experience)
- Exposure to SIEM tools like Splunk (1-2+ Years of experience)
- Prior experience in Incident Response and Forensics (1-2+ Years of experience)
- Experience in Python, Bash Linux commands, NodeJS is a plus (1-2+ Years of experience)
- Strong knowledge of modern security methods and vulnerabilities
Benefits
- Health insurance
- 401(k) plan with company match
- Paid time off including vacation, sick, and personal leave
- 10 paid holidays per year
- Paid parental, military, bereavement, and jury duty leave
- Flexible work weeks
- Identity verification process for security purposes
More Security Engineer Jobs
Information Security Engineer Consultant
Optum
Optum, part of the UnitedHealth Group family of businesses, is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. At Optum, we support your well-being with an understanding team, extensive benefits and rewarding opportunities. By joining us, you’ll have the resources to drive system transformation while we help you take care of your future. We recognize the power of connection to drive change, improve efficiency and make a difference in health care. Join a team where your skills and ideas can make an impact and where collaboration is key to creating technology that produces healthier outcomes.
Requisition Number: 2358822
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
Primary Responsibilities:
- Lead and conduct highly complex security incident investigations across endpoints (memory and disk), network traffic, and cloud environments, including Azure and Microsoft 365
- Perform advanced incident investigation and in-depth log analysis by correlating data from multiple sources such as SIEM, EDR, network security devices, and cloud platforms to accurately identify scope and impact
- Act as the final escalation point for critical and high-severity security incidents, providing expert guidance and decisive incident handling
- Conduct static and dynamic malware analysis, including reverse engineering of exploits, and analyze adversary tactics, techniques, and procedures (TTPs) to understand attacker behavior
- Map attacker activities and observed behaviors to industry-recognized frameworks such as MITRE ATT&CK, NIST to ensure structured analysis and reporting
- Execute effective containment actions during incidents, including isolating compromised systems, blocking malicious traffic, disabling accounts, and applying emergency controls to limit spread and impact
- Acquire digital evidence from compromised environments, including disk images, memory dumps, system logs, and network traffic, using forensically sound methodologies
- Maintain a strict chain of custody by ensuring all evidence is properly documented, securely stored, and protected from tampering throughout the investigation lifecycle
- Analyze forensic artifacts such as file systems, registry entries, event logs, and memory structures to identify indicators of compromise and malicious activity
- Perform memory forensics to detect running processes, injected or malicious code, credential theft mechanisms, and other in-memory threats that may not be present on disk
- Validate that eradication activities are fully completed and ensure affected systems are securely restored to normal operations without residual risk
- Prepare comprehensive incident reports detailing timelines, root cause analysis, impact assessment, indicators of compromise (IOCs), and remediation actions taken
- Collaborate with Security and Engineering teams to automate repetitive tasks such as alert enrichment, containment workflows, response actions, and ticket creation to improve efficiency and consistency
- Leverage internal and external threat intelligence feeds to enrich investigations with contextual insights, including known malicious IPs, domains, threat actor profiles, and attacker methodologies
- Work closely with cross-functional teams to ensure coordinated and timely execution of incident response activities
- Continuously enhance detection and response capabilities by recommending improvements to SIEM and EDR platforms, tuning detection rules, developing better queries, and identifying logging gaps
- Handle Priority 1 (P1), Priority 2 (P2) and other critical incidents with urgency, ensuring rapid response, clear stakeholder communication, and minimal business disruption
- Monitor and report on key performance indicators (KPIs) such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to measure and improve incident response effectiveness
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so.
Required Qualifications:
- 5+ years of hands-on experience in Major Security Incident Management, including:
  - Case management
  - War room facilitation
  - Paging / on-call coordination
  - Security bridge management
- Solid log analysis experience across multiple security domains, including:
  - SIEM platforms
  - Endpoint security
  - Perimeter/network security
  - Threat intelligence feeds
  - Email security solutions
- Proven experience in Sandbox Analysis for malware and suspicious file investigation
- Hands-on Digital Forensics experience, including evidence collection, analysis, and reporting
- Solid understanding and application of security frameworks, including:
  - MITRE ATT&CK
  - MITRE D3FEND
  - NIST (incident response, security controls, or related standards)
- Practical experience with forensic tools, such as:
  - Magnet AXIOM Forensics
  - REMnux
  - X-Ways Forensics
  - EnCase
  - Forensic Toolkit (FTK)
  - Or equivalent forensic tools
Preferred Qualifications:
- Relevant security certifications, such as:
  - CHFI (Computer Hacking Forensic Investigator)
  - EnCE (EnCase Certified Examiner)
  - ACE (AccessData Certified Examiner)
  - GCFA / GCFE
  - GIAC Certified Incident Handler (GCIH)
  - Microsoft Security Operations Analyst Associate (SC-200)
- Advanced understanding of adversary behavior, including:
  - Adversary Tactics, Techniques, and Procedures (TTPs)
  - Cyber Kill Chain methodologies
  - Expert-level application of MITRE ATT&CK and MITRE D3FEND
- Solid working knowledge of NIST frameworks, particularly:
  - NIST 800-61 (Computer Security Incident Handling Guide)
- Experience handling major security incident scenarios, such as:
  - Ransomware attacks
  - Distributed Denial of Service (DDoS)
  - Advanced Persistent Threats (APT)
  - Business Email Compromise (BEC)
- Fundamental understanding of application and networking protocols, including:
  - Application protocols: HTTP, DNS, FTP, etc.
  - Networking protocols: TCP, UDP, ARP, ICMP, etc.
- Ability to analyze packet capture (PCAP) files using tools such as Wireshark
- Knowledge of operating system internals, including:
  - Virtual memory and paging mechanisms
  - Malware techniques used to evade detection
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Optum is a drug-free workplace.
© 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.
Role Description
The Senior Account Executive will be responsible for leading pursuits in our enterprise cybersecurity business.
Key responsibilities include:
- Drive proactive campaigns to build your pipeline.
- Use specialised knowledge and skills to prospect, qualify, negotiate, and close opportunities.
- Manage named accounts allocated, covering the Netherlands.
What the role offers:
- Develop a long-term sales pipeline to increase the company's market share in the enterprise segment.
- Utilise specialised expertise to identify new opportunities for customer value by expanding and enhancing existing opportunities.
- Set direction for business development and solution replication.
- Sell complex products or solutions to customers on a partnership basis.
- Establish a professional, working, and consultative relationship with the client, including the C-level for mid-to-large accounts.
- Maintain and use overall cross-portfolio knowledge to support account leads with the integration of solutions.
Qualifications
- Fluent Dutch & English language skills.
- Deep understanding of Cyber Security practices.
- A minimum of 10 years’ experience as a Senior Account Executive, with at least 5 years in cybersecurity sales.
- Demonstrated achievement of progressively higher quota diversity of business customers, and higher-level customer interface.
- Prior selling experience includes multiple, diverse sets of selling responsibilities.
- Viewed as an expert in the given field by the company and the customer.
- Considered a mentor of selling strategy, including designing strategy.
Requirements
- Natural relationship builder, highly personable.
- Ability to offer support in any situation.
- Confident and persuasive communicator.
- Ability to articulate the benefits and outcomes of ideas to gain buy-in.
Benefits
- Inclusive work environment that goes beyond compliance with applicable laws.
- Employment Equity and Diversity Policy that maintains an inclusive working environment.
- Proactive approach fostering collaboration, innovation, and personal growth.
Entry Level Background Investigator
CACI International Inc
Expertise and Technology for National Security
Role Description
At CACI, background investigation is more than research and reports—it’s a critical role in ensuring the safety and security of our nation. By joining our team, you’ll be part of an organization that values trust, integrity, and professionalism in everything we do.
What You’ll Get to Do:
- Use technology, electronic tools, and multiple systems simultaneously to conduct comprehensive interviews with subjects, employers, associates, references, and other knowledgeable individuals.
- Review appropriate records to obtain facts and resolve all material issues in a case to establish the background, reputation, character, suitability, or qualifications of the subject under investigation.
- Conduct interviews using a variety of methods, including Virtual Teleconference (VTC), phone interviews, and in-person meetings, with VTC as the primary method.
- Attend a multiweek intensive virtual, online training with additional shadowing and mentorship with an experienced Investigator.
- Potential travel to locations across the U.S. for temporary duty assignments (TDY), typically lasting 2 weeks.
Qualifications
- Bachelor’s Degree or 4 years of general experience demonstrating progressive responsibility in problem solving, planning and organizing work, and communicating effectively orally and in writing.
- Ability to obtain and maintain a favorable determination based on a T5 Investigation.
- Strong sense of mission in supporting national security initiatives.
- Impeccable work ethic, integrity, and a positive, can-do attitude.
- Ability to navigate and utilize multiple technology systems simultaneously to maintain workflow efficiency and productivity.
- Current driver’s license, reliable personal vehicle, and willingness to travel locally dependent on assignment location.
- Home office within reasonable distance to areas workload and equipped with reliable high-speed Internet ($50 monthly internet stipend is provided).
- Ability to sit, type, stand, or walk for extended periods of time.
- Excellent time management skills and the ability to prioritize effectively.
- Exceptional written and oral communication skills, including the ability to:
  - Communicate complex or sensitive information effectively to individuals or groups.
  - Listen attentively to others, respond appropriately to nonverbal cues, and make clear and convincing oral presentations.
  - Maintain strong relationships with diverse individuals and handle challenging situations with tact and professionalism.
  - Recognize or use correct English grammar, punctuation, and spelling; communicate information in a succinct and organized manner; produce written information appropriate for the intended audience.
Requirements
- Clearance: Active Top Secret Clearance based on a T5.
Benefits
- Comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
- Flexible time off benefit.
- Access to robust learning resources.
Pay Range
This posting is for a position covered by the Service Contract Labor Standards (SCA). The pay and benefits provided for this position will meet or exceed the minimum required amounts detailed in the wage determination issued by the Department of Labor and made applicable to this position, as incorporated into CACI’s government contract for the work location. Minimum Required Hourly Wage: $26.07 There are a host of other factors that can influence final salary including, but not limited to, geographical location, relevant prior work experience, specific skills and competencies, education, and certifications.
Company Description
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Application Security Analyst
HEALTHSTREAM INC
Are you passionate about enhancing healthcare outcomes and empowering healthcare professionals? Join the HealthStream team and become a HealthStreamer! Together, we can make a difference in the world of healthcare.
Role Description
The Application Security Analyst plays a hands-on role in supporting and executing the application security program at HealthStream. Working closely with and under the guidance of the Sr. Application Security Architect, this role focuses on identifying, assessing, and helping remediate security vulnerabilities across our software products and cloud environments. The Analyst will partner with Engineering, DevOps, and Product teams to embed security practices into the software development lifecycle (SDLC), operate security tooling, and contribute to a culture of security awareness. This is an excellent opportunity for a motivated security professional looking to grow within a collaborative, mission-driven healthcare technology organization.
Key Responsibilities
- Adhere to all HealthStream security policies, procedures, and assigned training.
- Application Security Testing & Vulnerability Management
  - Operate and manage automated application security testing tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST).
  - Triage, validate, and prioritize vulnerability findings from security scans, penetration tests, and bug reports, working with development teams to track remediation to closure.
  - Conduct or support manual security assessments and penetration testing of web applications, APIs, and mobile applications.
  - Produce clear, actionable vulnerability reports with risk ratings and remediation guidance for development teams.
  - Manage and maintain vulnerability findings within the Snyk, Invicti and SonarQube or equivalent vulnerability management platform.
- Secure Development Lifecycle (SDLC) Support
  - Support the integration of security into CI/CD pipelines and DevSecOps workflows, including automated security gate checks.
  - Participate in design and architecture reviews with a security lens, helping identify potential risks early in the development process.
  - Assist in threat modeling exercises for new features and systems under the guidance of the AppSec Architect.
  - Perform security-focused code reviews and provide developers with clear, constructive feedback and guidance.
  - Contribute to the maintenance of a secure code library and reusable security patterns for development teams.
- Security Tooling & Cloud Security
  - Support the management and configuration of application security tools such as Snyk, Invicti, SonarQube and DefectDojo.
  - Assist in implementing and monitoring security controls for cloud-based environments, including AWS and Azure.
  - Evaluate and test emerging security tools and contribute recommendations to the AppSec team.
  - Support API security testing and assist in securing third-party and open-source integrations.
- Security Awareness & Collaboration
  - Collaborate with cross-functional teams including Engineering, DevOps, and Product to promote security best practices and a shift-left mindset.
  - Deliver security awareness content and assist in conducting security training sessions for development staff.
  - Stay current on emerging security threats, vulnerabilities (CVEs), and attack techniques, sharing relevant intelligence with the team.
  - Assist in maintaining security documentation, standards, runbooks, and internal knowledge base articles.
  - Support compliance-related activities, including evidence gathering for audits related to HIPAA, SOC 2, HITRUST or other applicable frameworks. FedRAMP experience is a plus.
- Other Duties as assigned.
Qualifications
- Bachelor’s degree in information security, Computer Science, Software Engineering, or a related field. Equivalent practical experience will be considered.
- 2 to 4 years of experience in application security, information security, or software development with a security focus.
- Working knowledge of the OWASP Top 10, common web application vulnerabilities, and secure coding principles.
- Hands-on experience with application security testing tools such as SAST, DAST, or IAST (e.g., Snyk, Invicti, Checkmarx, SonarQube, Burp Suite, or similar).
- Familiarity with cloud security concepts and hands-on exposure to AWS or Azure environments.
- Understanding of CI/CD pipelines and experience integrating security checks into DevOps workflows.
- Experience with API security testing and a solid understanding of RESTful service security.
- Proficiency in at least one scripting or programming language such as Python, JavaScript, Java, or Go for automation and security tooling purposes.
- Strong analytical and problem-solving skills with attention to detail.
- Excellent written and verbal communication skills, with the ability to explain security concepts to both technical and non-technical audiences.
- Ability to manage multiple tasks and vulnerabilities simultaneously, prioritizing effectively in a fast-paced environment.
Requirements
- Relevant security certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), GWAPT, eWPT, or equivalent.
- Experience using vulnerability management platforms such as Snyk, Invicti, or similar.
- Familiarity with security frameworks and standards including OWASP SAMM, NIST, or CIS Controls.
- Exposure to healthcare industry security and privacy regulations, including HIPAA.
- Experience with secure methods of integration with third-party platforms and open-source components.
- Participation in bug bounty programs, Capture the Flag (CTF) competitions, or open-source security research.
- Awareness of AI/ML security trends and their implications for application security.
- Experience with Identity and Access Management (IAM) security concepts and OAuth/OpenID Connect.
Benefits
- Medical, Dental and Vision insurance
- Paid Time Off
- Parental Leave
- 401k and Roth
- Flexible Spending Account
- Health Savings Account
- Life Insurance
- Short- and Long-Term Disability
- Medical Bridge Insurance
- Critical Illness Insurance
- Accident Insurance
- Identity Protection
- Legal Protection
- Pet Insurance
- Employee Assistance Program
- Fitness Reimbursement


