Optum logo
Optum

Optum, part of the UnitedHealth Group family of businesses, is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. At Optum, we support your well-being with an understanding team, extensive benefits and rewarding opportunities. By joining us, you’ll have the resources to drive system transformation while we help you take care of your future. We recognize the power of connection to drive change, improve efficiency and make a difference in health care. Join a team where your skills and ideas can make an impact and where collaboration is key to creating technology that produces healthier outcomes.

Senior Info Security Engineering Analyst - SIEM Engineer

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 160,000Since 2011Company Site

Location

Philippines

Posted

3 days ago

Salary

0

Seniority

Senior

English

Job Description

Senior Info Security Engineering Analyst - SIEM Engineer

Optum

Requisition Number: 2356996 Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. We are seeking an experienced SIEM Engineer with strong hands-on expertise in Microsoft Sentinel, Splunk, and CrowdStrike to design, implement, and manage enterprise security monitoring solutions. The ideal candidate will have deep knowledge of incident detection & response, along with exposure to network security technologies such as firewalls, IDS/IPS, and email security solutions. Primary Responsibilities: - Design, deploy, and maintain SIEM platforms including Microsoft Sentinel, CrowdStrike and Splunk - Develop and optimize use cases, detection rules, dashboards, and alerts - Integrate multiple log sources (cloud, on-prem, applications, endpoints) into SIEM - Perform security incident triage, investigation, and response - Leverage CrowdStrike for endpoint detection and response (EDR) and threat hunting - Tune SIEM and EDR solutions to reduce false positives and improve detection accuracy - Conduct threat hunting activities using telemetry from SIEM and EDR tools - Work closely with SOC teams to support incident handling and escalation - Perform log analysis and correlation to identify potential security threats - Implement automation using playbooks, SOAR, or scripting (PowerShell/Python) - Ensure compliance with security policies, standards, and frameworks - Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field - Relevant certifications (preferred but not mandatory): Microsoft SC-200 / AZ-500 - Splunk Certified Power User / Admin - CrowdStrike certifications - CEH, CISSP, or equivalent - Solid hands-on experience with: - Microsoft Sentinel (Azure SIEM/SOAR) - Splunk (Enterprise Security preferred) - CrowdStrike Falcon (EDR) - Hands-on experience with: - Firewalls (Palo Alto, Fortinet, Check Point, etc.) - IDS/IPS solutions - Email Security Gateways (Proofpoint, Mimecast, O365 Defender, etc.) - Experience in incident response and security event analysis - Solid knowledge of SIEM architecture, log management, and correlation - Understanding of network protocols (TCP/IP, DNS, HTTP, etc.) - Familiarity with: - Azure Security / Cloud Security concepts - Threat intelligence platforms - MITRE ATT&CK framework - Scripting knowledge (Python / PowerShell) - Experience with SOAR tools At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.

Related Categories

Related Job Pages

More Security Engineer Jobs

Casas Bahia Tecnologia logo

Cybersecurity Specialist, Incident Response

Casas Bahia Tecnologia

A Tecnologia do Grupo Casas Bahia - A dedicação nunca foi tão forte!

Full TimeRemoteTeam 1,001-5,000Since 2021H1B No Sponsor

• Coordinate Security Operations Center (SOC) operations, ensuring continuous monitoring, rapid response, and alignment with company security policies. • Assess and optimize incident response processes, implementing automation, playbooks, and metrics to increase efficiency and reduce response time. • Conduct detailed incident analyses, identifying root causes and impacts, and proposing corrective and preventive measures. • Manage SIEM, SOAR, and other monitoring tools, ensuring integration and effectiveness in threat detection. • Collaborate with cybersecurity defense teams, GRC, IAM, and infrastructure to coordinate actions during incidents and improve overall security posture. • Prepare technical and executive reports on incidents, trends, and implemented improvements. • Train SOC analysts and other stakeholders on incident response best practices and tool usage. • Stay current on new attack techniques, response frameworks (e.g., NIST, MITRE ATT&CK), and market trends.

Brazil
UMGC Ventures logo

Adjunct Faculty, Homeland Security, Intelligence, Emergency Management

UMGC Ventures

A new model in higher education funding from a leader in education innovation, UMGC.

Part TimeRemoteTeam 51-200Since 2016H1B No Sponsor

• Teach online in the Homeland Security, Intelligence, and Emergency Management programs. • Actively engage students through frequent interaction that motivates them to succeed. • Guide students in collaboration and application of their learning in problem- and project-based learning demonstrations. • Provide rich feedback, utilizing rubrics effectively for assessment of student work. • Demonstrate relevant subject-matter expertise and connect concepts across the program.

United States
$806 - $1.6K / hour
Lincoln Financial logo

Claims Examiner II – Social Security

Lincoln Financial

We help people confidently plan for their version of a successful financial future.

Full TimeRemoteTeam 10,001+Since 1905H1B No Sponsor

• Delivers routine work independently, in accordance with established procedures and guidelines, in a timely manner and meets deadlines appropriately. • Applies expanded knowledge obtained from the role in increasingly more complex situations and continues to acquire more knowledge to apply in role. • Reviews and interprets disability insurance policies with specific attention to provisions related to other income and/or offsets. • Contacts and educates claimants eligible for SSDI benefits. • Explains both the differences and coordination between the disability policy/benefits and the SSA's benefits/adjudication. • Provides initial guidance and continues on-going communication with claimants regarding their SS responsibilities and follow-up items until a final determination is made. • Accurately posts SS offsets in applicable system(s). • Develops and maintains working relationships with SSDI vendors and/or claimant attorneys. • Works closely with internal benefits/claims teams; regularly providing information and updates regarding Social Security eligibility and determinations. • Takes initiative to investigate issues and identify root causes; recommends solutions to improve operational effectiveness. • Maintains and updates knowledge of SSDI guidelines and departmental policies & procedures.

Connecticut + 3 moreAll locations: Connecticut | Nebraska | North Carolina | Pennsylvania
$23 - $31 / hour

Role Description We are seeking a skilled Cloud Security Engineer to strengthen the security of our multi-cloud infrastructure. The ideal candidate will be responsible for: - Cloud security operations - Security monitoring - Incident response - Configuration reviews - Automation - Implementing security best practices across cloud platforms, endpoints, email systems, and AI-enabled workloads This role requires hands-on experience with cloud security technologies, identity management, SIEM, CSPM, automation, and cloud-native security services. Qualifications - Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field - 5–8 years of experience in Cloud Security, Security Operations, or Cloud Infrastructure Security - Hands-on experience securing AWS, Microsoft Azure, Google Cloud Platform (GCP), or Oracle Cloud Infrastructure (OCI) - Strong understanding of Identity & Access Management (IAM), cloud networking, and cloud-native security services - Experience with Cloud Security Posture Management (CSPM) tools and Endpoint Detection & Response (EDR) platforms such as CrowdStrike - Experience working with SIEM platforms and incident response processes - Knowledge of identity-aware access solutions such as Teleport or similar secure access platforms - Proficiency in Python scripting - Understanding of AI/ML workload security, API security, and cloud data protection Requirements - Monitor, analyze, and respond to security events across AWS, Azure, GCP, or OCI environments - Investigate cloud security alerts and perform threat analysis - Support continuous monitoring and improvement of the organization's cloud security posture - Analyze security findings related to cloud infrastructure, endpoints, email security, and monitoring platforms - Document risk assessments, severity classifications, business impact, and remediation recommendations - Maintain accurate security findings within ticketing systems and reporting platforms - Triage, investigate, and classify security alerts from cloud security and monitoring tools - Maintain detailed investigation records, including analysis performed, mitigation actions, escalations, and final resolution - Assist in security incident investigations, root cause analysis, and post-incident reporting - Conduct secure configuration assessments across cloud environments - Review IAM configurations and evaluate Cloud Security Posture Management (CSPM) findings - Recommend improvements to strengthen cloud security controls and compliance - Secure AI/ML workloads deployed in cloud environments, including training pipelines, inference services, and data storage - Monitor AI services and third-party AI APIs for misuse, anomalies, and unauthorized access - Collaborate with engineering teams to implement secure AI deployment practices - Support governance and policy development for responsible AI adoption - Design, develop, and maintain security automation workflows and scripts - Develop automation using Python and Infrastructure as Code (IaC) tools such as Terraform - Document automation processes to support operational teams - Prepare operational reports covering security alert trends, remediation progress, cloud security posture improvements, and tool optimization and tuning - Present security status updates and findings to internal stakeholders Company Description

India