Senior Information Security Engineer
At Optum, we are a global organization that delivers care, aided by technology, to help millions of people live healthier lives. Our work is guided by diversity and inclusion, talented peers, comprehensive benefits, and career development opportunities.
About the Role:
We want to make healthcare work better for everyone, which depends on hiring the best and brightest. With a thriving ecosystem of investment and innovation, our business in Ireland is constantly growing to support the healthcare needs of the future. Our teams are at the forefront of building and adapting the latest technologies to propel healthcare forward in a way that better serves everyone.
Key Responsibilities:
* Mentor analysts, providing training and guidance through complex incidents.
* Identify deficiencies in processes and tools, make corrective recommendations, and drive implementation of solutions and efficiencies.
* Monitor incident throughput and ensure the team consistently follows established processes.
* Improve incident response times, establishing SLAs.
* Integrate and collaborate with other subject matter experts throughout the organization.
* Influence the creation and/or adoption of new standards and procedures.
* Perform host-based digital forensics, primarily on Microsoft Windows systems but also on other operating systems, and document findings in clear and concise language.
* Preserve evidence (both network and host) using forensically sound methods.
* Establish, evaluate, and implement performance metrics.
* Work with Security Architecture and Engineering teams to remain abreast of changes to IT infrastructure and business environments.
Requirements:
* Strong experience working in computer forensics, cyber security investigation, and other related fields.
* Proven experience conducting complex forensic investigations using industry standard forensic tools.
* Experience with cloud environments and forensic techniques across the Azure, AWS, and GCP cloud service providers.
* Knowledge of enterprise-level triage: collecting artifacts from endpoints, network sensors, and application logs and performing corresponding analysis.
* Previous experience with, and understanding of, enterprise-wide technology risks that are inherent to a business, and an ability to effectively communicate those risks to stakeholders.
Preferred Qualifications:
* Direct experience with current advanced persistent threats.
* Undergraduate degree or equivalent experience.
* Deep expertise with EnCase.
* Experience with NetWitness, FireEye, Splunk, and/or RSA Security Analytics.
* Knowledge of Volatility, Rekall, and/or Mandiant Redline.
* Knowledge of Chain of Custody process and procedures.
* Network traffic knowledge.
* One or more of the following certifications: QSA, CCFP, EnCE, X-Pert, GCFE, GCFA, GNFA, CISSP, and/or GREM.
Compensation: The estimated salary for this role is $120,000 per year, depending on location and qualifications.