Senior Cybersecurity Analyst

UnitedHealth Group•Eden Prairie, MN

1d•Remote

About The Position

Optum is a global organization that delivers care, aided by technology, to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. We are seeking a highly skilled and resourceful offensive security assessment member to join our Physical Red Team. In this role, you will simulate real-world adversaries to evaluate and improve the physical security posture of our facilities, personnel, and processes. You will plan and execute covert operations—such as facility penetration, surveillance, and social engineering—and provide detailed reporting to help strengthen defenses against sophisticated threats. You’ll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges.

Requirements

High School Diploma/GED (or higher)
6 + years of experience in demonstrable ability to think critically and creatively to solve complex problems with limited to no guidance
6 + years of experience in time operating within a team which produced superior results to bring increased value and proficiency to an organization
4+ years of experience conducting risk assessments, identifying and implementing controls, and adhering to safety, legal, ethical, and moral rules and guidelines
3+ years of in-depth experience in physical red team assessments and reporting
3+ years of demonstrable experience deploying RF detection, monitoring, baselining, and alerting tools
3+ years of experience with intelligence gathering and sorting (HUMINT, OSINT, SIGINT, etc.) used in cohesive reports on action operations
3+ years of demonstrable coding experience and capabilities
3+ years of demonstrable experience in ability to design, source, build, and deploy various offensive security tools (wireless detection, SDR, drone, surveillance), both hardware and software
3+ years of hands-on experience with assessment and exploitation tools including: Software-defined radios RFID scanners WiFi Pineapple RaspberryPi Directional antennas
2+ years of hands-on experience with assessment and exploitation tools including: Kali, Burp, Cobalt Strike, and Metasploit Malware development Technology C2 infrastructure CCTV (NVR, DVR) exploitation
Ability to travel up to 50%25 of the time; including outside the United States

Nice To Haves

Physical Red Team certification (CCRTS, PSP, CEE, etc.)
Offensive security certification (GPEN, OSCP, CRT)
Law enforcement, military, or private/government security experience
Ham radio license
FAA Part 107 drone license
Located in Minneapolis/St. Paul, MN

Responsibilities

Conduct physical security assessments of facilities by attempting to bypass locks, alarms, access controls, and security personnel
Perform covert entry operations including reconnaissance, surveillance, and red team exercises
Test human-factor vulnerabilities through social engineering, impersonation, or tailgating
Conduct intelligence (OSINT, HUMINT, SIGINT) collection on facilities, personnel, and businesses
Design, source, build, and deploy physical and technological offensive security tools
Create and communicate risk-profiles for executive members
Document findings with accurate reporting, photography, and after-action reviews, including remediation recommendations
Collaborate with cybersecurity, corporate security, and defensive security teams to ensure findings are integrated into broader risk management strategies
Maintain strict compliance with legal, ethical, and safety guidelines during all engagements
Stay current with emerging tools, techniques, and threat actor behaviors relevant to physical security testing
Effectively communicate successes and obstacles with fellow team members and team lead(s)
Create written reports, detailing assessment findings and recommendations
Interface with customer contact(s) and staff in a constructive and professional manner
Have subject matter expertise in advanced testing specialties: containerization, automation, wireless/IoT, exploit development, hardware, radio frequency, reconnaissance procedures
Ethically operate with appreciable latitude in developing methodology and applying it in the field
Research and analyze adversary methodologies and develop testing models to mimic adversaries
Ability to communicate clearly and effectively through oral or written communication with all levels in the organization
Ability to initiate, design, execute, complete, and provide metrics on projects with minimal direction
Drive cross-team efforts to address systemic risks across the business
Conduct business/risk portfolio research and test planning work that encompasses holistic testing efforts