Sr Cybersecurity Analyst - Remote or Hybrid in MN and DC
About The Position
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The Enterprise Information Security (EIS) team is responsible for cybersecurity across our organization. We support our business and members by reducing risk, rapidly responding to threats, focusing on business resiliency and securing new acquisitions. UnitedHealth Group’s Enterprise Security and Resilience Office (ESRO) is committed to building and maintaining the trust and confidence of our customers and stakeholders. You’ll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges. This position follows a hybrid schedule with four in-office days per week.
Requirements
- Undergraduate degree or 7+ years of equivalent experience
- 3+ years in IAM/PAM, security engineering (CyberArk, Delinea, HashiCorp Vault), systems engineering, or infrastructure operations with direct responsibility for Enterprise production platforms
Nice To Haves
- CyberArk Defender or Sentry (PAM)
- Delinea Associate or Engineer
- HashiCorp Vault Associate
- CompTIA Security
- Experience supporting production on-call rotations and major incident response processes
- Bonus Certifications: CyberArk Guardian HashiCorp Vault Operations Professional CISSP or CISM
- All employees working remotely will be required to adhere to UnitedHealth Group’s Telecommuter Policy
Responsibilities
- Engineer, administer, and maintain PAM and secrets management platforms (CyberArk, Delinea, HashiCorp Vault) across development, test, and production environments
- Design and implement onboarding patterns for: Privileged accounts (human and service accounts) Application secrets (static and dynamic where supported) Credential rotation / reconciliation workflow
- Configure and maintain core PAM capabilities such as: Vaulting and password rotation policies Privileged session management / access workflows (where applicable) Safe / folder / policy structures aligned to least privilege and audibility
- Implement and support integrations with enterprise identity and infrastructure services (e.g., directory services, MFA/SSO, PKI/certificates, endpoints, server platforms, cloud, CI/CD)
- Develop automation for onboarding and operations using scripting and APIs (e.g., PowerShell, Python, REST), including repeatable configuration and deployment patterns
- Partner with application teams to integrate Vault and PAM into SDLC/DevOps pipelines and reduce hard-coded secrets
- This role participates in a one-week on-call rotation managed in ServiceNow and is responsible for ensuring PAM services are running smoothly with emphasis on service restoration.
Benefits
- In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements).
- No matter where or when you begin a career with us, you’ll find a far-reaching choice of benefits and incentives.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
