UnitedHealth Group

UnitedHealth Group is a healthcare and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of

Senior Cybersecurity Analyst

Location

Minnesota + 1 moreAll locations: Minnesota | District Of Columbia

Posted

7 days ago

Salary

$91.7K - $163.7K / year

Seniority

Senior

Job Description

Senior Cybersecurity Analyst

UnitedHealth Group

Senior Cybersecurity Analyst Requisition number: 2361457 Job category: Technology Primary location: Eden Prairie, MN Overtime status: Exempt Travel: Yes, 10 % of the Time Job Description: Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week. Primary Responsibilities: - Platform & Domain Expertise - Demonstrate sustained, hands-on experience operating enterprise asset intelligence platforms - Apply platform capabilities to support enterprise objectives related to asset visibility, risk awareness, and data reliability - Understand how asset intelligence data is generated, normalized, and interpreted across large, complex network environments - Networking Knowledge & Application- - Possess a solid understanding of enterprise networking concepts, architectures, and device communication patterns - Apply knowledge of networking fundamentals (e.g., IP addressing, routing, switching, segmentation, and name resolution) to support accurate asset discovery and classification - Demonstrate the ability to interpret network based signals and telemetry to inform asset identification and behavioral understanding - Asset Discovery & Data Quality - Support enterprise asset discovery efforts by validating completeness, accuracy, and consistency of discovered assets - Identify and escalate data quality issues such as duplication, misclassification, incomplete attribution, or stale records - Contribute to ongoing initiatives focused on improving trust in enterprise asset data used for security, infrastructure, and operational decision making - Integration Awareness & Cross Functional Support - Understand how asset intelligence platforms integrate with broader enterprise systems and processes - Collaborate effectively with network, infrastructure, cybersecurity, and platform teams to align asset data with business and operational needs - Communicate technical findings clearly and professionally to stakeholders with varying levels of technical expertise - Operational Execution & Problem Solving - Apply structured analysis to investigate asset visibility gaps, discovery limitations, and data discrepancies - Support operational processes through consistent execution, documentation, and adherence to established standards - Demonstrate sound judgment when working within regulated, security sensitive enterprise environments - Documentation, Governance & Risk Awareness - Produce clear, accurate documentation to support operational transparency, governance, and audit readiness - Contribute to standards, guidelines, and best practices related to asset discovery and network visibility - Support risk management and compliance activities by providing fact based, defensible asset intelligence inputs - Professional Effectiveness - Demonstrate strong analytical thinking, attention to detail, and accountability in execution - Operate effectively both independently and as part of cross functional teams - Align day to day activities with broader enterprise objectives and organizational priorities The role will require the following Functional Competencies related to ARMIS Network Asset Intelligence : - ARMIS Platform Expertise - Demonstrated hands-on experience administering and operating the ARMIS Asset Intelligence Platform in a large, complex enterprise environment - Strong understanding of ARMIS device discovery methods, data ingestion sources, and telemetry interpretation - Ability to analyze ARMIS asset records for accuracy, completeness, and consistency across network, IT, and security domains - Experience supporting ARMIS use cases related to asset visibility, unmanaged device identification, and exposure analysis - Enterprise Networking Fundamentals - Solid understanding of enterprise network architectures, including LAN, WAN, WLAN, and data center environments - Proficiency with core networking concepts such as TCP/IP, VLANs, routing, switching, DNS, DHCP, and NAT - Ability to interpret network traffic patterns and device behavior to support accurate asset classification and discovery - Experience working with network-connected devices including switches, routers, firewalls, wireless controllers, IoT, and OT systems - Asset Discovery & Data Quality Management - Ability to validate discovered assets against known inventories and enterprise data sources - Skilled in identifying gaps, duplicates, misclassifications, and stale records within ARMIS datasets - Experience supporting data quality initiatives focused on improving asset coverage, accuracy, and trustworthiness - Strong attention to detail when reviewing asset attributes, ownership, site assignment, and integration mappings - Integration & Cross Tool Collaboration - Experience working alongside network, infrastructure, security, and platform teams to align ARMIS outputs with enterprise needs - Understanding of how ARMIS integrates with complementary tools (e.g., CMDBs, vulnerability scanners, network monitoring platforms) - Ability to communicate technical findings clearly to both technical and non technical stakeholders - Proven capability to support cross functional initiatives involving asset intelligence and risk visibility - Operational Support & Troubleshooting - Ability to troubleshoot ARMIS discovery issues, data discrepancies, and network visibility gaps - Experience analyzing root causes related to network configuration, sensor coverage, or integration limitations - Capable of supporting operational runbooks, standard operating procedures, and continuous improvement efforts - Comfortable working in regulated, security conscious enterprise environments with defined controls and processes - Documentation & Governance Support - Ability to document findings, assumptions, and outcomes in a clear and professional manner - Experience contributing to standards, guidelines, and best practices related to asset discovery and network visibility - Supports audit, risk, and compliance inquiries by providing fact based, defensible ARMIS insights - Professional & Analytical Skills - Solid analytical mindset with the ability to interpret complex technical data and draw actionable conclusions - Demonstrates accountability, consistency, and discipline when handling enterprise asset intelligence - Effective collaborator who can operate independently while aligning with broader program objectives You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: - Associate's degree - 3+ years of hands-on experience using ARMIS in an enterprise production environment - 3+ years of experience working with asset discovery, inventory, or visibility data in large, complex environments Preferred Qualifications: - Experience supporting asset intelligence or data quality initiatives at enterprise scale - Familiarity with enterprise governance, audit, or risk management processes related to asset data - Proven collaboration with network, infrastructure, or cybersecurity teams - Solid foundational knowledge of enterprise networking concepts and network connected devices - Demonstrated ability to analyze technical data and produce clear, accurate documentation - Proven ability to operate effectively in a regulated, security conscious enterprise organization *All Telecommuters will be required to adhere to UnitedHealth Group's Telecommuter Policy. Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $91,700 - $163,700 annually based on full-time employment. We comply with all minimum wage laws as applicable. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location, and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups, and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

Related Job Pages

More Security Analyst Jobs

TEKsystems logo

AI Security Risk Analyst

TEKsystems

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.

ContractRemoteTeam 10,001H1B No Sponsor

Role Description Our healthcare client is looking for an AI Security Risk Analyst who will be doing security risk reviews for AI adoption. Will be part of the Information Security and Risk Management team and will work at an enterprise level to ensure a consistent delivery of information security and risk management services. This individual will act as a subject matter expert to the assigned business units on matters regarding information security and compliance with HIPAA, Joint Commission, DSRIP, COBIT, and state privacy laws. Qualifications - 5+ years of experience in AI Risk assessments and analyzing risks. - 5+ years of experience in AI security review. - A minimum of ten years of IT experience, with at least 7 years dedicated to IT/Cyber Security, including Solution Design and risk management. Requirements - Background in AI security reviews and knowledge of AI adaptation risks. - Ability to maintain and enforce security risk management frameworks and methodologies. - Experience drafting risk acceptances, exceptions, and tracking remediation items within GRC tools. - Ability to turn business-level risk requirements into specific technical control specifications for engineering teams/business units. Benefits - Medical, dental & vision - Critical Illness, Accident, and Hospital - 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available - Life Insurance (Voluntary Life & AD&D for the employee and dependents) - Short and long-term disability - Health Spending Account (HSA) - Transportation benefits - Employee Assistance Program - Time Off/Leave (PTO, Vacation or Sick Leave) Company Description We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.

United States
$70 - $85 / hour
Job Closed
Graham Packaging Company logo

OT Cybersecurity Analyst

Graham Packaging Company

Graham Packaging is a leading manufacturer of sustainable packaging. They’re the kind of people you want as your friends and neighbors as well as your partners and suppliers. By building strong relationships and creating value for our customers, our employees embody the innovative spirit that’s inherent to Graham.

Full TimeRemoteTeam 5,001-10,000

Role Description The OT Cyber Security Analyst is a critical member of the Cybersecurity and Operational Technology (OT) team, responsible for securing industrial control systems and manufacturing environments. This role focuses on: - OT security monitoring, threat detection and incident response - Vulnerability management - Secure implementation of cybersecurity controls across plant operations The analyst will leverage hands-on experience in manufacturing environments, working directly with: - PLCs - Embedded systems - Industrial networks - OT-specific security platforms such as Dragos - Tools including CrowdStrike and Linux-based systems This role requires a practitioner who can bridge IT and OT domains, ensuring the availability, integrity, and security of production systems without disrupting operations. This is a remote position with travel required to manufacturing facilities primarily in North America, with occasional travel to Europe and South America. Responsibilities - OT Security Monitoring & Incident Response: Monitor industrial networks, control systems (SCADA, PLCs), and plant environments for cyber threats and anomalies. Investigate alerts generated by tools such as Dragos and CrowdStrike, and coordinate incident response actions including containment and recovery with plant operations teams. - Threat Detection & OT Risk Analysis: Identify threats targeting industrial control systems by analyzing OT network traffic, device behavior, and threat intelligence. Perform root cause analysis of incidents impacting manufacturing environments. - OT Vulnerability Management: Assess vulnerabilities across OT assets including PLCs, HMIs, and embedded systems. Partner with engineering and plant teams to prioritize remediation activities that minimize production risk. - Industrial Control Systems (ICS) Security: Support the design, implementation, and maintenance of secure architectures for PLCs, DCS, and embedded systems. Ensure adherence to segmentation, least privilege access, and secure communication protocols within plant environments. - Tool Administration & Optimization: Deploy, maintain, and optimize OT and endpoint security platforms including Dragos, CrowdStrike, and Linux-based monitoring tools. Tune detection rules and alerts to reduce false positives and improve threat visibility. - Network Segmentation & Plant Security Controls: Assist in implementing network segmentation strategies between IT and OT environments. Validate firewall rules, remote access controls, and secure vendor connectivity into plant networks. - Collaboration with Manufacturing & Engineering Teams: Work closely with plant managers, controls engineers, and IT teams to integrate cybersecurity controls into manufacturing processes without impacting uptime or throughput. - Security Policy, Compliance & Standards: Ensure OT security practices align with frameworks such as NIST Cybersecurity Framework (CSF), ISA/IEC 62443, and internal company cybersecurity policies. Support audits and risk assessments specific to manufacturing operations. - Continuous Improvement & Threat Intelligence: Stay current on emerging OT threats and vulnerabilities. Contribute to improving the organization’s overall OT security posture through new controls, tools, and best practices. Qualifications - Education: Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field preferred (or equivalent experience) - Experience: - 3–7 years of experience in cybersecurity, with direct experience in OT/ICS environments within manufacturing required - Proven experience implementing cybersecurity controls in industrial or production environments - Hands-on experience supporting plant operations or working with controls/automation teams is strongly preferred - Technical Skills: - Strong understanding of OT networks, industrial protocols (Modbus, OPC, Ethernet/IP), and control systems architecture - Hands-on experience with PLCs and embedded systems - Dragos or similar OT security platforms - CrowdStrike or equivalent endpoint detection tools - Linux environments and scripting - Familiarity with network segmentation, firewalls, and remote access in OT environments - Understanding of IT/OT convergence risks and mitigation strategies - Certifications (Preferred): - GICSP (Global Industrial Cyber Security Professional) - CISSP, CISM, or equivalent - Vendor-specific certifications (CrowdStrike, Dragos) a plus - Skills: - Strong analytical and troubleshooting skills in complex operational environments - Ability to communicate effectively with both technical teams and plant operations personnel - Ability to balance security requirements with operational uptime and safety priorities - Self-driven with ability to work independently in a remote environment Work Environment & Travel Requirements - Remote-based role with expected travel: - North America manufacturing sites: primary travel (approximately 25–40%) - International travel (Europe & South America): occasional, project-based - Must be comfortable working in industrial plant environments, including production floors when required Compensation Statement The standard compensation for this role is $128,400 - $192,600. Salary offers will be determined based on final candidate qualifications, experience, skillset, and other relevant factors. Benefits - Medical, dental, vision and basic life insurance - Enrollment in the company’s 401K Employee Saving Plan - Participation in the Employee Wellness Program - Paid time off in accordance with company policy and state law requirements EEO Disclaimer Graham Packaging is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, sex (including pregnancy), sexual orientation, religion, creed, age, national origin, physical or mental disability, gender identity and/or expression, marital status, veteran status or other characteristics protected by law.

Northern America + 2 moreAll locations: Northern America | Europe | South America
$128.4K - $192.6K / year
Full TimeRemoteTeam 1,001-5,000H1B No Sponsor

• Provide support for technology compliance programs • Lead and execute functions and duties for control design and remediation • Participate on large-scale projects • Maintain IT control library/testing general computer and application controls • Coordinate and support technology components of onsite and virtual audits/assessments, NCUA examinations and client due diligence reviews • Perform segregation of duties reviews and user attestations • Document process flows and compliance-related deliverables • Assist with creation and maintenance of IT and information security policies and standards required to maintain company certifications (e.g., PCI DSS, NIST CSF) • Coach and cross-train technology compliance staff • Collaborate with and advise technical and business unit resources at all levels on designing, implementing, and remediating technology controls • Drive for timely submission of critical audit and compliance deliverables

United States
$95.8K - $124.5K / year
AAA logo

Cyber Threat Intelligence Analyst

AAA

Proud to serve our 62+ million members, help travelers see the world and drive real change to improve road safety.

Security Analyst10 days ago
Full TimeRemoteTeam 5,001-10,000Since 1902H1B Sponsor

• operationalizing the Threat Intelligence Platform (TIP) • tracking priority threats • delivering actionable, detection‑driven intelligence to security teams and leadership • identifying, analyzing, and tracking cyber threats that may impact the organization • collecting intelligence from a wide range of internal and external sources • analyzing and contextualizing threat intelligence • supporting security operations through actionable insights • monitoring and analyzing intelligence from commercial, industry, and OSINT sources • maintaining and using Threat Intelligence Platforms (TIP) • integrating intelligence across security tools • collecting, enriching, and managing actionable IOCs • providing real‑time intelligence context during investigations and incidents • responding to ad hoc and time‑sensitive intelligence requests from stakeholders • producing and delivering intelligence reports and briefings for technical and non‑technical audiences

Alabama + 20 moreAll locations: Alabama | Arizona | California | Colorado | Connecticut | District Of Columbia | Florida | Idaho | Illinois | Iowa | Kansas | Kentucky | Louisiana | Maine | Montana | Maryland | Massachusetts | Michigan | Minnesota | Mississippi | Missouri
$122.9K - $164K / year