Design, deploy, and maintain SIEM solutions (Microsoft Sentinel, Splunk, CrowdStrike); develop detection rules and dashboards; integrate log sources; perform incident triage, investigation, threat hunting, and response; tune SIEM/EDR and implement automation via SOAR or scripting.
Requisition Number: 2356996
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
We are seeking an experienced SIEM Engineer with strong hands-on expertise in Microsoft Sentinel, Splunk, and CrowdStrike to design, implement, and manage enterprise security monitoring solutions. The ideal candidate will have deep knowledge of incident detection & response, along with exposure to network security technologies such as firewalls, IDS/IPS, and email security solutions.
Primary Responsibilities:
- Design, deploy, and maintain SIEM and EDR platforms, including Microsoft Sentinel, Splunk and CrowdStrike Falcon
- Develop and optimize use cases, detection rules, dashboards, and alerts
- Integrate multiple log sources (cloud, on-prem, applications, endpoints) into SIEM
- Perform security incident triage, investigation, and response
- Leverage CrowdStrike for endpoint detection and response (EDR) and threat hunting
- Tune SIEM and EDR solutions to reduce false positives and improve detection accuracy
- Conduct threat hunting activities using telemetry from SIEM and EDR tools
- Work closely with SOC teams to support incident handling and escalation
- Perform log analysis and correlation to identify potential security threats
- Implement automation using playbooks, SOAR, or scripting (PowerShell/Python)
- Ensure compliance with security policies, standards, and frameworks
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
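The detection-rule, correlation and tuning work listed above, shown as an added example that is not part of the posting and is not Optum code: a sliding-window correlation in Python that flags a burst of failed logons followed by a successful logon from the same source and account (the behaviour MITRE ATT&CK catalogues as T1110, Brute Force), with a source suppression list standing in for the kind of tuning that removes known-benign noise such as vulnerability scanners. The event shape, threshold, window, IP addresses, account names and suppression list are all constructed for this example; the log lines are not real telemetry.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample telemetry (not real logs). The shape mimics Windows
# Security events 4625 (failed logon) and 4624 (successful logon) after a
# SIEM has normalised them; addresses and accounts are made up.
def _ev(ts, event_id, src_ip, user):
    return {"ts": ts, "event_id": event_id, "src_ip": src_ip, "user": user}

SAMPLE_EVENTS = (
    # alice: six failures in nine seconds, then a success -> should alert
    [_ev(f"2024-05-01T10:00:0{i}", 4625, "10.0.0.5", "alice") for i in range(1, 7)]
    + [_ev("2024-05-01T10:00:10", 4624, "10.0.0.5", "alice")]
    # bob: two typos then a success -> below threshold, no alert
    + [_ev("2024-05-01T10:05:01", 4625, "10.0.0.7", "bob"),
       _ev("2024-05-01T10:05:02", 4625, "10.0.0.7", "bob"),
       _ev("2024-05-01T10:05:05", 4624, "10.0.0.7", "bob")]
    # svc-scan from the vulnerability scanner: noisy but known-benign
    + [_ev(f"2024-05-01T10:10:{i:02d}", 4625, "10.0.0.99", "svc-scan") for i in range(10)]
    + [_ev("2024-05-01T10:10:30", 4624, "10.0.0.99", "svc-scan")]
    # dave: failures at 09:00, success at 10:30 -> outside the window, no alert
    + [_ev(f"2024-05-01T09:00:0{i}", 4625, "10.0.0.8", "dave") for i in range(1, 7)]
    + [_ev("2024-05-01T10:30:00", 4624, "10.0.0.8", "dave")]
)

FAIL_THRESHOLD = 5               # assumed tuning value
WINDOW = timedelta(minutes=10)   # assumed tuning value
# Hypothetical suppression list: sources whose failures are expected
# (scanners, monitoring probes). Tuning like this is how false positives
# are cut without lowering the detection's sensitivity elsewhere.
SUPPRESSED_SOURCES = frozenset({"10.0.0.99"})


def detect_brute_force_success(events, threshold=FAIL_THRESHOLD,
                               window=WINDOW, suppressed=SUPPRESSED_SOURCES):
    """Alert when at least `threshold` failed logons for one (src_ip, user)
    pair inside `window` are followed by a successful logon for that pair."""
    failures = defaultdict(deque)   # (src_ip, user) -> failure timestamps
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):   # ISO-8601 sorts lexically
        if ev["src_ip"] in suppressed:
            continue
        ts = datetime.fromisoformat(ev["ts"])
        key = (ev["src_ip"], ev["user"])
        q = failures[key]
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if ev["event_id"] == 4625:
            q.append(ts)
        elif ev["event_id"] == 4624:
            if len(q) >= threshold:
                alerts.append({
                    "technique": "T1110",          # MITRE ATT&CK: Brute Force
                    "src_ip": ev["src_ip"],
                    "user": ev["user"],
                    "failures": len(q),
                    "first_failure": q[0].isoformat(),
                    "success_at": ts.isoformat(),
                })
            q.clear()   # a success ends the sequence either way
    return alerts


if __name__ == "__main__":
    for alert in detect_brute_force_success(SAMPLE_EVENTS):
        print(alert)
```

Keying on the (source, account) pair rather than on the account alone keeps a distributed password spray from one account across many sources in a separate use case; the suppression list is intentionally a parameter so the same rule can be re-run with it empty when validating that the tuning is not hiding real activity.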
Required Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Relevant certifications (preferred but not mandatory):
  - Microsoft SC-200 / AZ-500
  - Splunk Certified Power User / Admin
  - CrowdStrike certifications
  - CEH, CISSP, or equivalent
- Solid hands-on experience with:
  - Microsoft Sentinel (Azure SIEM/SOAR)
  - Splunk (Enterprise Security preferred)
  - CrowdStrike Falcon (EDR)
- Hands-on experience with:
  - Firewalls (Palo Alto, Fortinet, Check Point, etc.)
  - IDS/IPS solutions
  - Email Security Gateways (Proofpoint, Mimecast, Microsoft Defender for Office 365, etc.)
- Experience in incident response and security event analysis
- Solid knowledge of SIEM architecture, log management, and correlation
- Understanding of network protocols (TCP/IP, DNS, HTTP, etc.)
- Familiarity with:
  - Azure Security / Cloud Security concepts
  - Threat intelligence platforms
  - MITRE ATT&CK framework
- Scripting knowledge (Python / PowerShell)
- Experience with SOAR tools
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone, of every race, gender, sexuality, age, location and income, deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes, an enterprise priority reflected in our mission.
Optum is a drug-free workplace. © 2026 Optum Global Solutions (Philippines) Inc. All rights reserved.