Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead advanced detection strategies and combat evolving cyber threats in a remote role.
- Company: Join Optum, a Fortune 5 healthcare leader dedicated to improving health outcomes globally.
- Benefits: Enjoy comprehensive benefits, career development opportunities, and a diverse, inclusive culture.
- Why this job: Make a real impact on health equity while working with talented peers in a supportive environment.
- Qualifications: Extensive experience in Yara-L, SOC environments, and strong analytical skills required.
- Other info: Must be eligible to work indefinitely in the UK; remote work policy applies.
The predicted salary is between 43200 - 72000 £ per year.
Senior Cyber Threat Detection Engineer – United Kingdom, Remote
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together.
As a Fortune 5 business, we’re one of the world’s leading healthcare companies. There are no limits here on the resources you’ll have or the challenges you’ll encounter.
As a skilled Senior Cyber Threat Detection Engineer you will lead advanced detection strategies and combat evolving cyber threats. As a critical member of the team, you will focus on optimizing detection capabilities, proactive threat hunting, and incident investigations, driving the organization’s ability to detect and mitigate security risks effectively.
Primary Responsibilities of the Senior Cyber Threat Detection Engineer:
- Lead the development, implementation, and tuning of detection rules in Google SecOps (Chronicle) using Yara-L language to ensure high-fidelity alerts and minimal false positives.
- Utilize a SIEM platform to monitor and analyze security logs, identify threats, and investigate complex security incidents.
- Conduct proactive threat hunting to identify malicious activities leveraging advanced analytics and threat intelligence.
- Coordinate and lead incident response activities, including containment, root cause analysis, eradication, and recovery.
- Research emerging cyber threats and vulnerabilities to enhance detection strategies.
- Optimize and configure security tools and platforms to improve detection and response capabilities.
- Collaborate with cross-functional teams to integrate new log sources and refine existing telemetry for advanced detection.
- Develop and maintain code libraries to enrich security telemetry within the detection pipeline.
- Conduct code reviews and provide mentorship to junior team members.
- Build and maintain relationships across teams to enhance overall security posture.
Required Qualifications of the Senior Cyber Threat Detection Engineer:
- Extensive experience in writing and optimizing detection queries in Yara-L language for Google SecOps (Chronicle).
- Experience working in a Security Operations Center (SOC) or Security Incident Response environment.
- Strong experience writing detection queries in additional languages (e.g., KQL for Microsoft Defender, SPL for Splunk).
- Experience working with SIEM log analysis, monitoring, and investigation.
- Identifying attacker tactics, techniques, and procedures.
- Knowledge of EDR, email security, and SaaS application security.
- Strong understanding of log sources (network, host, application).
- Strong analytical and problem-solving capabilities to identify and mitigate security risks.
- Excellent communication and collaboration skills to work effectively in a team environment.
- Expertise in modern attack patterns and the evolving threat landscape.
Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application.
All telecommuters will be required to adhere to the UnitedHealth Group’s Telecommuter Policy.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.
Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2023 UnitedHealth Group. All rights reserved.
#J-18808-Ljbffr
Senior Cyber Detection Engineer employer: Optum
Contact Detail:
Optum Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Cyber Detection Engineer
✨Tip Number 1
Familiarize yourself with Yara-L language and Google SecOps (Chronicle) if you haven't already. Since the role emphasizes writing and optimizing detection queries in Yara-L, showcasing your proficiency in this area during discussions can set you apart.
✨Tip Number 2
Highlight any experience you have in a Security Operations Center (SOC) or Security Incident Response environment. Be prepared to discuss specific incidents you've handled and how you approached threat detection and incident response.
✨Tip Number 3
Stay updated on the latest cyber threats and vulnerabilities. Being knowledgeable about current attack patterns and emerging threats will demonstrate your commitment to proactive threat hunting and your ability to enhance detection strategies.
✨Tip Number 4
Emphasize your collaboration skills. This role requires working with cross-functional teams, so be ready to share examples of how you've successfully collaborated with others to improve security posture or integrate new log sources.
We think you need these skills to ace Senior Cyber Detection Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your extensive experience in writing and optimizing detection queries, especially in Yara-L language for Google SecOps. Include specific examples of your work in a Security Operations Center (SOC) or Security Incident Response environment.
Craft a Strong Cover Letter: In your cover letter, express your passion for cybersecurity and how your skills align with the responsibilities of the Senior Cyber Threat Detection Engineer role. Mention your experience with SIEM platforms and proactive threat hunting to demonstrate your fit for the position.
Showcase Relevant Skills: Highlight your strong analytical and problem-solving capabilities, as well as your knowledge of modern attack patterns and the evolving threat landscape. Be sure to mention any experience you have with EDR, email security, and SaaS application security.
Proofread Your Application: Before submitting your application, carefully proofread all documents to ensure there are no errors. A polished application reflects your attention to detail, which is crucial in the cybersecurity field.
How to prepare for a job interview at Optum
✨Showcase Your Technical Skills
Be prepared to discuss your experience with Yara-L and other detection query languages. Highlight specific examples of how you've developed and optimized detection rules in previous roles, especially in Google SecOps.
✨Demonstrate Proactive Threat Hunting
Share your approach to proactive threat hunting. Discuss any tools or methodologies you’ve used to identify malicious activities and how you leverage threat intelligence in your investigations.
✨Emphasize Collaboration and Communication
Since this role involves working with cross-functional teams, be ready to talk about your experience collaborating with others. Provide examples of how you've built relationships to enhance security posture and how you communicate complex technical information effectively.
✨Stay Updated on Cyber Threats
Research current trends in cyber threats and vulnerabilities. Be prepared to discuss recent incidents or emerging attack patterns that could impact the organization, demonstrating your commitment to staying informed in this rapidly evolving field.
