Senior Information Security Engineer Analyst - Muntinlupa City

Manual Access Provisioning Specialist (Extended IAM & Security Responsibilities)

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together

As a Manual Access Provisioning Specialist (Extended IAM & Security Responsibilities), you will play a critical role in ensuring secure, compliant, and efficient user access lifecycle management across the organization. In addition to manual provisioning activities, this role requires hands-on exposure to Identity Governance (SailPoint), Privileged Access Management (PAM) platforms such as CyberArk and Delinea, and foundational understanding of SIEM/SOC operations and Threat & Vulnerability Management.

You will collaborate closely with CISOs, senior security leaders, application owners, and cross-functional security teams to implement scalable IAM solutions, onboard new businesses, manage SOPs, deliver KT, and continuously enhance the enterprise access control program.

Primary Responsibilities:

• Gather & translate access needs: Collaborate with clients and stakeholders to collect access requirements and convert them into secure, role-appropriate provisioning strategies
• Manual provisioning/de-provisioning: Execute access provisioning and removal across on-prem and cloud environments, including Active Directory and third-party applications
• Governance & compliance: Ensure all access activities align with internal security policies, regulatory requirements, and IAM best practices
• Process documentation (SOPs): Maintain, review, and update Standard Operating Procedures for access provisioning to ensure alignment with evolving security and operational needs
• Knowledge transfer & documentation: Conduct KT sessions and maintain knowledge base documentation to support continuity and operational readiness
• Identity Governance (SailPoint IIQ / IDN)
• Application onboarding to SailPoint: Support onboarding of applications into SailPoint IdentityIQ / IdentityNow, including connector configuration, attribute mapping, and workflow enhancements
• Rules, workflows & campaigns: Assist in creating/modifying custom rules, workflows, certification campaigns, and automation logic to strengthen identity lifecycle governance
• Troubleshooting & stabilization: Help resolve IIQ/IDN issues (e.g., provisioning failures, rule logic errors, access review configuration issues)
• Lifecycle automation support: Work with development teams to support and improve identity lifecycle automation initiatives
• Privileged Access Management (CyberArk / Delinea)
• PAM integrations & onboarding: Support integration of enterprise applications, databases, and infrastructure components into CyberArk and Delinea PAM vaults
• Privileged policy configuration: Assist in configuring password rotation, session recording, privileged access workflows, and access request models
• Privileged account governance: Monitor and manage privileged account onboarding, maintenance activities, and compliance reporting
• PAM troubleshooting: Troubleshoot vault and component issues including session manager, PSM/PSMP, and connector-related problems
• SOC & SIEM Awareness
• SOC collaboration: Coordinate with SOC teams to ensure access-related activities support security monitoring and detection requirements
• Security data enablement: Provide access logs, entitlement insights, and privileged activity data to strengthen detection and investigation use cases
• SIEM correlation awareness: Understand and support IAM/PAM-related correlation rules within SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar)
• Threat & Vulnerability Management (TVM)
• Access risk remediation: Partner with TVM teams to remediate access-related vulnerabilities such as excessive privileges, orphan accounts, and stale entitlements
• IAM risk assessment & reporting: Assess and report IAM-centered risk exposures using vulnerability intelligence
• Privilege reviews & risk reduction: Support periodic privilege reviews, toxic combination analysis, and provide recommendations to reduce access-related risk

Required Qualifications:

• Graduate degree or equivalent experience
• 4+ years of experience in Information Security with a focus on IAM
• Hands-on experience in manual provisioning and strong understanding of IAM fundamentals
• Knowledge of SIEM/SOC workflows and IAM-related detection use cases
• Understanding of threat and vulnerability management concepts
• Familiarity with security frameworks such as NIST CSF, ISO 27001, CIS Benchmarks
• Proven exposure to SailPoint IIQ/IDN development, CyberArk, and/or Delinea platforms
• Proven solid analytical/problem-solving skills and ability to work independently or collaboratively

Preferred Qualification:

• Scripting knowledge (PowerShell, Python, etc.)

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.