Ethical Hacking Penetration Analyst - Golden Valley, MN and Telecommute - Full-time / Part-time

UnitedHealth Group is a company that's on the rise. We're expanding in multiple directions, across borders and, most of all, in the way we think. Here, innovation isn't about another gadget, it's about transforming the health care industry. Ready to make a difference? Make yourself at home with us and start doing your life's best work.(sm)

Primary Responsibilities:

• Work as part of a penetration testing team, taking direction from team lead(s) and executing directives in a thorough and timely fashion


• Ethically operate with appreciable latitude in developing methodology and applying it in the field


• Create written reports, detailing assessment findings and recommendations


• Conduct vulnerability assessments on a wide variety of technologies and implementations utilizing both automated tools and manual techniques


• network penetration tests


• application penetration tests (web and thick client)


• wireless security assessments


• Effectively communicate successes and obstacles with fellow team members and team lead(s)


• Interface with customer contact(s) and staff in a constructive and professional manner


• Develop subject matter expertise in topics to include: network, database, wireless and application security assessments, and adversarial network operations


• Research and analyze known hacker methodology, system exploits, and vulnerabilities to support methodology development and execution


• Utilize common vulnerability assessment and penetration testing tools

Required Qualifications:

• Bachelor's Degree OR High School Diploma/GED with 4 years of equivalent experience and GIAC and/or other Penetration Testing-related Certification


• 5+ years of experience in the IT industry (system administration, software development, etc...)


• Demonstrable technical experience with UNIX/Linux and Windows operating systems, major network devices (Cisco, etc...) and at least one type of database


• Demonstrable technical experience with Web Application Penetration Testing


• Demonstrable technical experience with assessment and exploitation tools:  Metasploit Pro, Nexpose, and Burp Suite Pro


• Experience/understanding of networking - port numbers, services, protocols, TCP-IP stack, OSI-Model


• Experience/understanding of OWASP


• Experience/Working knowledge of at least one programming or scripting language


• United States Citizenship


• Ability to obtain favorable adjudication following submission of Department of Defense form SF86 NAC form SF86 

Preferred Qualifications:

• The following certifications are highly desired: OSCP, CISSP, CEH, CWAPT, CPT


• Experience with common network vulnerability assessment techniques and tools such as: Nmap, Nessus, WebInspect, etc.


• Experience with NIDS/HIDS, network and application firewalls, proxies and other information security products


• Familiarity with common penetration testing methodologies such as the OSSTMM, OWASP Testing Guide and the PTES


• Familiarity with web application concepts, such as JavaScript, XML, SOAP, REST, AJAX, etc.

As a requirement of UnitedHealth Group's contract with the Department of Defense, this position requires U.S. citizenship and proof of favorable adjudication following submission of Department of Defense , (the National Agency Check Legal and Credit or NACLC). Successful completion of the NACLC process is a requirement for continued employment in this role. NACLC processing will be initiated by our TRICARE Security Officer post-offer, and can take 3-6 months for a final decision communication from the Department of Defense. Candidates will be allowed to begin employment with UnitedHealth Group in this role based on an interim clearance, and final results will be communicated as they are received. Failure to obtain final NACLC approval will result in termination from this role.

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work.(sm)

Diversity creates a healthier atmosphere: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

Job keywords: Cyber Security, Unix, Linux, OWASP, Golden Valley, MN