Cybersecurity Analyst - Hybrid in MN

Requisition Number: 2352095
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.
The Insider Risk Analyst is responsible for detecting, analyzing, and investigating potential insider-driven risks to UnitedHealth Group's people, data, and systems. This role supports the Insider Risk Program by monitoring user activity, identifying anomalous or concerning behavior, conducting investigations, and partnering with cross-functional stakeholders to mitigate risk while ensuring privacy, legal, and policy compliance.
The analyst will leverage technical data sources, behavioral indicators, and investigative techniques to assess risk, support casework, and contribute to the continuous improvement of insider risk detection and response capabilities.
If you reside in Minnesota, you'll enjoy the flexibility to telecommute* as you take on some tough challenges.
Primary Responsibilities:
Insider Risk Detection & Analysis

• Monitor and analyze user activity, system logs, and alerts to identify potential insider risk indicators, including data exfiltration, misuse of access, policy violations, or negligent behavior
• Perform analytical triage of insider risk alerts generated from enterprise security tools (e.g., SIEM, DLP, endpoint, identity, and email systems)
• Establish baseline user behavior and identify deviations that may indicate insider risk activity

Investigations & Case Management

• Conduct insider risk investigations by collecting, correlating, and analyzing data from multiple technical and non-technical sources
• Document investigative findings, timelines, and conclusions in accordance with Insider Risk Program procedures and records-retention requirements
• Prepare clear, concise investigative summaries and risk assessments for leadership and stakeholders

Technical & Forensic Support

• Analyze logs, email activity, file access, web activity, and authentication events to support investigations
• Assist with digital forensic data collection and analysis in support of insider risk cases, as appropriate
• Develop, maintain, and refine queries, dashboards, and analytical workflows to improve detection efficiency and investigative quality

Cross-Functional Collaboration

• Partner with HR, Legal, Compliance, Employee Relations, Privacy, and Information Security teams during insider risk reviews and investigation
• Support escalation and coordination with Enterprise Information Security for incidents requiring broader security response
• Participate in insider risk working groups and contribute to program governance activities

Program & Process Improvement

• Contribute to the development and enhancement of insider risk policies, procedures, and standard operating processes
• Assist in defining insider risk indicators, metrics, and reporting to support program maturity
• Support audits, assessments, and program evaluations related to insider risk management

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear directions on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Security, Computer Science, Criminal Justice, or a related field or equivalent practical experience
• 3+ years of experience in cybersecurity
• 3+ years of experience in security analysis, investigations, insider risk, threat analysis, or digital forensics
• 2+ years of experience with working knowledge of security logs, user activity monitoring, and investigative techniques
• 2+ years of experience of documenting findings clearly and communicate effectively with both technical and non-technical audiences

Preferred Qualifications:

• Experience supporting an insider risk, fraud, compliance, or digital forensics program
• Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel), DLP tools, endpoint security, or identity monitoring
• Familiarity with insider risk frameworks and best practices (e.g., CERT Insider Threat, NIST CSF)
• Experience collaborating with HR, Legal, Privacy, or Employee Relations teams
• Knowledge of privacy, data protection, and employee monitoring considerations in a regulated environment

Soft Skills:

• Strong analytical and critical-thinking skills with the ability to assess risk objectively
• Demonstrated ability to handle sensitive information with discretion and professionalism

*All Telecommuters will be required to adhere to UnitedHealth Group's Telecommuter Policy.
Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $72,800 to $130,000 annually based on full-time employment. We comply with all minimum wage laws as applicable.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location, and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups, and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.
#RPO #YELLOW