Senior Information Security Engineering Analyst

Noida, Uttar Pradesh
Permanent
Full-time

6 days ago

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.As part of the Cyber Defense (CD) organization, the Perimeter Network Pentest Coordinatorrole is responsible for executing CD strategy for UnitedHealth Group (UHG) and its affiliates through facilitating a complete annual network penetration test, defining scope of the attack surface, identifying ownership of domains and IPs, defining cloud scope, and working with application teams as a subject matter expert throughout the pentest process. Position will also be responsible for working on metrics around the network pentest. The portfolio of services the Ethical Hacking team covers include penetration testing of web apps, networks, entities owned by UHG, and the related technologies\processes that enable the team functions to run at scale within a large, heavily segmented Global Fortune 10 company.Primary Responsibilities:

Work as part of an agile penetration testing team, empowered to execute objectives in a thorough and timely fashion
Work independently meeting all deadlines and able to prioritize and rebalance workload with a dynamic application backlog
Define attack surface scope by partnering with various teams and utilizing attack surface management tools, DNS tools, attestation from AEs.
Automate manual scope processes.
Meet policy and contractual deadlines for network pentest, communicating timelines with leadership.
Communicate with teams and vendors, facilitating the process, establishing meetings, and ensuring tests are completed in timeline outlined in policy and in the vendor statement of work
Identify ownership of vulnerabilities, and create automated processes, partnering with other teams to ensure reduction in manual effort for future network pentests.
Report vulnerabilities found via vendor pentesting to the vulnerability reporting system, and facilitate retesting in accordance with policy and vendor statement of work
Effectively communicate successes and obstacles with fellow team members and team lead(s)
Interface with customer contact(s) and staff in a constructive and professional manner
Have subject matter expertise in application vulnerabilities, pentesting process, project management, cloud deployment, containerization, and automation
Ethically operate with appreciable latitude in developing methodology and applying it in the field
Ability to communicate clearly and effectively through oral or written communication with all levels in the organization
Ability to initiate, design, execute, complete, and provide metrics on projects independently with minimal direction
Drive cross-team efforts to address systemic risks across the business
Act as an overall SME and force multiplier for team through mentoring, education, training, etc.
Occasionally on-call support is required for the position
Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regard to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so

EligibilityTo apply to an internal job, employees must meet the following criteria:

SG25 and SG 26 can apply, SG 26 will move laterally
Minimum duration of 12 months of continuous service in their current grade and position
Performance rating in the last common review cycle of "Meets Expectations" or higher
Not be on any active CAP (Corrective Action Plan) or active disciplinary action

Required Qualifications:

Undergraduate degree or equivalent experience
3+ years of experience in Information Security OR Information Security certification
Experience with OWASP framework
Proficiency in at least one scripting language (Perl, Python, Bash, PowerShell, VBA, etc.)

Preferred Qualifications:

Experience with PowerApps or other automation tools
Experience with Power BI or other BI metrics and reporting
Experience in API development
Experience in AI development
Experience in project management
Experience\certification in penetration testing (PenTest+, CEH, etc)
Experience with Linux, command-line, and Windows Server management

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

UnitedHealth Group

Apply Now