Senior Cyber Detection Engineer
Posted 1 day 1 hour ago by Optum
Senior Cyber Threat Detection Engineer - United Kingdom, Remote
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.
As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter.
We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams.
As a skilled Senior Cyber Threat Detection Engineer you will lead advanced detection strategies and combat evolving cyber threats. As a critical member of the team, you will focus on optimizing detection capabilities, proactive threat hunting, and incident investigations, driving the organization's ability to detect and mitigate security risks effectively. In addition to having impact on a great team, you'll also discover the career opportunities you'd expect from an industry leader.
Primary Responsibilities of the Senior Cyber Threat Detection Engineer:
•Lead the development, implementation, and tuning of detection rules in Google SecOps (Chronicle) using Yara-L language to ensure high-fidelity alerts and minimal false positives.
•Utilize a SIEM platform to monitor and analyze security logs, identify threats, and investigate complex security incidents.
•Conduct proactive threat hunting to identify malicious activities leveraging advanced analytics and threat intelligence.
•Coordinate and lead incident response activities, including containment, root cause analysis, eradication, and recovery.
•Research emerging cyber threats and vulnerabilities to enhance detection strategies.
•Optimize and configure security tools and platforms to improve detection and response capabilities.
•Collaborate with cross-functional teams to integrate new log sources and refine existing telemetry for advanced detection.
•Develop and maintain code libraries to enrich security telemetry within the detection pipeline.
•Conduct code reviews and provide mentorship to junior team members.
•Build and maintain relationships across teams to enhance overall security posture.
You will be rewarded and recognised for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role, as well as providing development for other roles you may be interested in.
Required Qualifications of the Senior Cyber Threat Detection Engineer:
•Extensive experience in writing and optimizing detection queries in Yara-L language for Google SecOps (Chronicle).
•Experiecne working in a Security Operations Center (SOC) or Security Incident Response environment
•Strong experience writing detection queries in additional languages (e.g., KQL for Microsoft Defender, SPL for Splunk):
•Experience working with SIEM log analysis, monitoring, and investigation
•Identifying attacker tactics, techniques, and procedures:
•Knowledge of EDR, email security, and SaaS application security
•Strong understanding of log sources (network, host, application):
•Strong analytical and problem-solving capabilities to identify and mitigate security risks.
•Excellent communication and collaboration skills to work effectively in a team environment.
•Expertise in modern attack patterns and the evolving threat landscape.
Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application.
All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2023 UnitedHealth Group. All rights reserved.